Описание
SAP Enterprise Financial Services versions, 101, 102, 103, 104, 105, 600, 603, 604, 605, 606, 616, 617, 618, 800, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
Ссылки
- Permissions RequiredVendor Advisory
- Vendor Advisory
- Permissions RequiredVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sap:enterprise_financial_services:1.01:*:*:*:*:*:*:*
cpe:2.3:a:sap:enterprise_financial_services:1.02:*:*:*:*:*:*:*
cpe:2.3:a:sap:enterprise_financial_services:1.03:*:*:*:*:*:*:*
cpe:2.3:a:sap:enterprise_financial_services:1.04:*:*:*:*:*:*:*
cpe:2.3:a:sap:enterprise_financial_services:1.05:*:*:*:*:*:*:*
cpe:2.3:a:sap:enterprise_financial_services:6.00:*:*:*:*:*:*:*
cpe:2.3:a:sap:enterprise_financial_services:6.03:*:*:*:*:*:*:*
cpe:2.3:a:sap:enterprise_financial_services:6.04:*:*:*:*:*:*:*
cpe:2.3:a:sap:enterprise_financial_services:6.05:*:*:*:*:*:*:*
cpe:2.3:a:sap:enterprise_financial_services:6.06:*:*:*:*:*:*:*
cpe:2.3:a:sap:enterprise_financial_services:6.16:*:*:*:*:*:*:*
cpe:2.3:a:sap:enterprise_financial_services:6.17:*:*:*:*:*:*:*
cpe:2.3:a:sap:enterprise_financial_services:6.18:*:*:*:*:*:*:*
cpe:2.3:a:sap:enterprise_financial_services:8.0:*:*:*:*:*:*:*
EPSS
Процентиль: 35%
0.00146
Низкий
6.8 Medium
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-862
Связанные уязвимости
github
больше 3 лет назад
SAP Enterprise Financial Services versions, 101, 102, 103, 104, 105, 600, 603, 604, 605, 606, 616, 617, 618, 800, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
EPSS
Процентиль: 35%
0.00146
Низкий
6.8 Medium
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-862