The BW Database Interface does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges that allows the user to practically read out any database table.
The SAP application server ABAP and ABAP Platform are susceptible to code injection, SQL injection, and missing authorization vulnerabilities. Multiple SAP products are affected.