CVE-2020-6188
published 2020-02-12CVE-2020-6188: VAT Pro-Rata reports in SAP ERP (SAP_APPL versions 600, 602, 603, 604, 605, 606, 616 and SAP_FIN versions 617, 618, 700, 720, 730) and SAP S/4 HANA (versions…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
VAT Pro-Rata reports in SAP ERP (SAP_APPL versions 600, 602, 603, 604, 605, 606, 616 and SAP_FIN versions 617, 618, 700, 720, 730) and SAP S/4 HANA (versions 100, 101, 102, 103, 104) do not perform necessary authorization checks for an authenticated user leading to Missing Authorization Check.
Affected
23 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | erp | — | — |
| sap | s_4_hana | — | — |
| sap | s_4_hana | — | — |
| sap | s_4_hana | — | — |
| sap | s_4_hana | — | — |
| sap | s_4_hana | — | — |
| sap_se | sap_erp | — | — |
| sap_se | sap_erp | — | — |
| sap_se | sap_erp | — | — |
| sap_se | sap_erp | — | — |
| sap_se | sap_erp | — | — |
| sap_se | sap_erp | — | — |
| sap_se | sap_erp | — | — |
| sap_se | sap_erp | — | — |
| sap_se | sap_erp | — | — |
| sap_se | sap_erp | — | — |
| sap_se | sap_erp | — | — |
| sap_se | sap_erp | — | — |
| sap_se | sap_s_4_hana | — | — |
| sap_se | sap_s_4_hana | — | — |
| sap_se | sap_s_4_hana | — | — |
| sap_se | sap_s_4_hana | — | — |
| sap_se | sap_s_4_hana | — | — |