exploitDog

GHSA-frq6-rwpv-5f3j

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

SAP Disclosure Management, version 10.1, does not perform necessary authorization checks for an authenticated user, allowing access to administration accounts by a user with no roles, leading to Missing Authorization Check.

SAP Disclosure Management, version 10.1, does not perform necessary authorization checks for an authenticated user, allowing access to administration accounts by a user with no roles, leading to Missing Authorization Check.

Ссылки

EPSS

Процентиль: 61%

0.00411

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-862

Связанные уязвимости

CVE-2020-6209

CVSS3: 7.5

nvd

почти 6 лет назад

SAP Disclosure Management, version 10.1, does not perform necessary authorization checks for an authenticated user, allowing access to administration accounts by a user with no roles, leading to Missing Authorization Check.

EPSS

Процентиль: 61%

0.00411

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-862