Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-6316 | 1 Sap | 2 Erp, S\/4hana | 2024-02-04 | 4.0 MEDIUM | 4.3 MEDIUM |
SAP ERP and SAP S/4 HANA allows an authenticated user to see cost records to objects to which he has no authorization in PS reporting, leading to Missing Authorization check. | |||||
CVE-2020-6212 | 1 Sap | 2 Erp, S\/4hana | 2024-02-04 | 5.5 MEDIUM | 5.4 MEDIUM |
Egypt localized withholding tax reports Clearing of Liabilities and Remittance Statement and Summary in SAP ERP (versions 618, 730, EAPPLGLO 607) and S/4 HANA (versions 100, 101, 102, 103, 104) do not perform necessary authorization checks for an authenticated user, allowing reading or modification of some tax reports, due to Missing Authorization Check. | |||||
CVE-2020-6188 | 1 Sap | 2 Erp, S\/4 Hana | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
VAT Pro-Rata reports in SAP ERP (SAP_APPL versions 600, 602, 603, 604, 605, 606, 616 and SAP_FIN versions 617, 618, 700, 720, 730) and SAP S/4 HANA (versions 100, 101, 102, 103, 104) do not perform necessary authorization checks for an authenticated user leading to Missing Authorization Check. | |||||
CVE-2020-6199 | 1 Sap | 1 Erp | 2024-02-04 | 5.5 MEDIUM | 5.4 MEDIUM |
The view FIMENAV_COMPCERT in SAP ERP (MENA Certificate Management), EAPPGLO version 607, SAP_FIN versions- 618, 730 and SAP S/4HANA (MENA Certificate Management), S4CORE versions- 100, 101, 102, 103, 104; does not have any authorization check to it due to which an attacker without an authorization group can maintain any company certificate, leading to Missing Authorization Check. | |||||
CVE-2014-2748 | 1 Sap | 2 Enhancement Package, Erp | 2024-02-04 | 7.5 HIGH | N/A |
The Security Audit Log facility in SAP Enhancement Package (EHP) 6 for SAP ERP 6.0 allows remote attackers to modify or delete arbitrary log classes via unspecified vectors. NOTE: some of these details are obtained from third party information. |