← Back

CVE-2020-6212

nvd nist
Published: Apr 24, 2020Modified: Nov 21, 2024

JSON object

Loading...
5.4
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Exploitability: 2.8 / Impact: 2.5
Source: NVD

Description

Egypt localized withholding tax reports Clearing of Liabilities and Remittance Statement and Summary in SAP ERP (versions 618, 730, EAPPLGLO 607) and S/4 HANA (versions 100, 101, 102, 103, 104) do not perform necessary authorization checks for an authenticated user, allowing reading or modification of some tax reports, due to Missing Authorization Check.

Affected (8)

Products: Sap: Erp, S/4hana
Sap
2 products
Erp
S/4hana
Configuration A
8 vulnerable
Vulnerable SoftwareAffected Versions
Sap
Erp
Version 607
Erp
Version 618
Erp
Version 730
Sap
S/4hana
Version 100
S/4hana
Version 101
S/4hana
Version 102
S/4hana
Version 103
S/4hana
Version 104

Related CWEs

CWE-862
Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

References (4)

Source: cna@sap.com
Permissions RequiredVendor Advisory
Source: cna@sap.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions RequiredVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.