Описание
SAP Disclosure Management, version 10.1, does not perform necessary authorization checks for an authenticated user, allowing access to administration accounts by a user with no roles, leading to Missing Authorization Check.
Ссылки
- Permissions Required
- Vendor Advisory
- Permissions Required
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:sap:disclosure_management:10.1:*:*:*:*:*:*:*
EPSS
Процентиль: 61%
0.00411
Низкий
7.2 High
CVSS3
7.5 High
CVSS3
6 Medium
CVSS2
Дефекты
CWE-862
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
SAP Disclosure Management, version 10.1, does not perform necessary authorization checks for an authenticated user, allowing access to administration accounts by a user with no roles, leading to Missing Authorization Check.
EPSS
Процентиль: 61%
0.00411
Низкий
7.2 High
CVSS3
7.5 High
CVSS3
6 Medium
CVSS2
Дефекты
CWE-862