Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-6212

Опубликовано: 24 апр. 2020
Источник: nvd
CVSS3: 5.4
CVSS3: 5.4
CVSS2: 5.5
EPSS Низкий

Описание

Egypt localized withholding tax reports Clearing of Liabilities and Remittance Statement and Summary in SAP ERP (versions 618, 730, EAPPLGLO 607) and S/4 HANA (versions 100, 101, 102, 103, 104) do not perform necessary authorization checks for an authenticated user, allowing reading or modification of some tax reports, due to Missing Authorization Check.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sap:erp:607:*:*:*:*:*:*:*
cpe:2.3:a:sap:erp:618:*:*:*:*:*:*:*
cpe:2.3:a:sap:erp:730:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:100:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:101:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:102:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:103:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:104:*:*:*:*:*:*:*

EPSS

Процентиль: 32%
0.00126
Низкий

5.4 Medium

CVSS3

5.4 Medium

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-862

Связанные уязвимости

github логотип

GHSA-mxmm-49jq-5jrw

github
больше 3 лет назад

Egypt localized withholding tax reports Clearing of Liabilities and Remittance Statement and Summary in SAP ERP (versions 618, 730, EAPPLGLO 607) and S/4 HANA (versions 100, 101, 102, 103, 104) do not perform necessary authorization checks for an authenticated user, allowing reading or modification of some tax reports, due to Missing Authorization Check.

EPSS

Процентиль: 32%
0.00126
Низкий

5.4 Medium

CVSS3

5.4 Medium

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-862