CVE-2026-40136
Denial of service (DoS) in SAP Financial Consolidation
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 4.3EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
12 may 2026Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
SAP Financial Consolidation allows an authenticated attacker to disconnect other users by terminating their sessions temporarily preventing access. However, the application itself cannot be compromised resulting in a low impact on availability. There is no impact on confidentiality and integrity of the data
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Productos afectados
SAP_SE · SAP Financial Consolidation¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →