CVE-2020-6316
First published: Tue Nov 10 2020(Updated: )
SAP ERP and SAP S/4 HANA allows an authenticated user to see cost records to objects to which he has no authorization in PS reporting, leading to Missing Authorization check.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP ERP | =600 | |
| SAP ERP | =602 | |
| SAP ERP | =603 | |
| SAP ERP | =604 | |
| SAP ERP | =605 | |
| SAP ERP | =606 | |
| SAP ERP | =616 | |
| SAP ERP | =617 | |
| SAP ERP | =618 | |
| Sap S\/4hana | =100 | |
| Sap S\/4hana | =101 | |
| Sap S\/4hana | =102 | |
| Sap S\/4hana | =103 | |
| Sap S\/4hana | =104 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-index
- vendor/sap
- canonical/sap erp
- version/sap erp/600
- version/sap erp/602
- version/sap erp/603
- version/sap erp/604
- version/sap erp/605
- version/sap erp/606
- version/sap erp/616
- version/sap erp/617
- version/sap erp/618
- canonical/sap s\/4hana
- version/sap s\/4hana/100
- version/sap s\/4hana/101
- version/sap s\/4hana/102
- version/sap s\/4hana/103
- version/sap s\/4hana/104