CVE-2020-6298
published 2020-08-12CVE-2020-6298: SAP Banking Services (Generic Market Data), versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data…
high8.1CVSS 3.1
AVNACLPRLUINSUCHIHAN
SAP Banking Services (Generic Market Data), versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data (GMD) and change related GMD key figure values, due to Missing Authorization Check.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | generic_market_data | — | — |
| sap | generic_market_data | — | — |
| sap | generic_market_data | — | — |
| sap_se | sap_banking_services | < 400 | 400 |
| sap_se | sap_banking_services | < 450 | 450 |
| sap_se | sap_banking_services | < 500 | 500 |