Vulnerabilities (CVE)

Filtered by vendor Sap Subscribe
Filtered by product Erp
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-6316 1 Sap 2 Erp, S\/4hana 2024-02-04 4.0 MEDIUM 4.3 MEDIUM
SAP ERP and SAP S/4 HANA allows an authenticated user to see cost records to objects to which he has no authorization in PS reporting, leading to Missing Authorization check.
CVE-2020-6212 1 Sap 2 Erp, S\/4hana 2024-02-04 5.5 MEDIUM 5.4 MEDIUM
Egypt localized withholding tax reports Clearing of Liabilities and Remittance Statement and Summary in SAP ERP (versions 618, 730, EAPPLGLO 607) and S/4 HANA (versions 100, 101, 102, 103, 104) do not perform necessary authorization checks for an authenticated user, allowing reading or modification of some tax reports, due to Missing Authorization Check.
CVE-2020-6188 1 Sap 2 Erp, S\/4 Hana 2024-02-04 6.5 MEDIUM 8.8 HIGH
VAT Pro-Rata reports in SAP ERP (SAP_APPL versions 600, 602, 603, 604, 605, 606, 616 and SAP_FIN versions 617, 618, 700, 720, 730) and SAP S/4 HANA (versions 100, 101, 102, 103, 104) do not perform necessary authorization checks for an authenticated user leading to Missing Authorization Check.
CVE-2020-6199 1 Sap 1 Erp 2024-02-04 5.5 MEDIUM 5.4 MEDIUM
The view FIMENAV_COMPCERT in SAP ERP (MENA Certificate Management), EAPPGLO version 607, SAP_FIN versions- 618, 730 and SAP S/4HANA (MENA Certificate Management), S4CORE versions- 100, 101, 102, 103, 104; does not have any authorization check to it due to which an attacker without an authorization group can maintain any company certificate, leading to Missing Authorization Check.
CVE-2014-2748 1 Sap 2 Enhancement Package, Erp 2024-02-04 7.5 HIGH N/A
The Security Audit Log facility in SAP Enhancement Package (EHP) 6 for SAP ERP 6.0 allows remote attackers to modify or delete arbitrary log classes via unspecified vectors. NOTE: some of these details are obtained from third party information.