CVE-2020-6256
First published: Tue May 12 2020(Updated: )
SAP Master Data Governance, versions - 748, 749, 750, 751, 752, 800, 801, 802, 803, 804, allows users to display change request details without having required authorizations, due to Missing Authorization Check.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP Master Data Governance | =748 | |
| SAP Master Data Governance | =749 | |
| SAP Master Data Governance | =750 | |
| SAP Master Data Governance | =751 | |
| SAP Master Data Governance | =752 | |
| SAP Master Data Governance | =800 | |
| SAP Master Data Governance | =801 | |
| SAP Master Data Governance | =802 | |
| SAP Master Data Governance | =803 | |
| SAP Master Data Governance | =804 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-6256?
CVE-2020-6256 is a vulnerability in SAP Master Data Governance versions 748, 749, 750, 751, 752, 800, 801, 802, 803, 804 that allows users to display change request details without required authorizations.
How severe is CVE-2020-6256?
CVE-2020-6256 has a severity keyword of medium with a severity value of 4.3.
How can I fix the CVE-2020-6256 vulnerability?
To fix CVE-2020-6256, apply the necessary patches provided by SAP as mentioned in the SAP notes linked in the references.
What is the CWE associated with CVE-2020-6256?
The CWE associated with CVE-2020-6256 is CWE-862.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/tags
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/sap
- canonical/sap master data governance
- version/sap master data governance/748
- version/sap master data governance/749
- version/sap master data governance/750
- version/sap master data governance/751
- version/sap master data governance/752
- version/sap master data governance/800
- version/sap master data governance/801
- version/sap master data governance/802
- version/sap master data governance/803
- version/sap master data governance/804