CVE-2020-6301
published 2020-08-12CVE-2020-6301: SAP ERP (HCM Travel Management), versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authenticated but unauthorized attacker to read, modify and…
high8.1CVSS 3.1
AVNACLPRLUINSUCHIHAN
SAP ERP (HCM Travel Management), versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authenticated but unauthorized attacker to read, modify and settle trips, resulting in escalation of privileges, due to Missing Authorization Check.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | hcm_travel_management | — | — |
| sap | hcm_travel_management | — | — |
| sap | hcm_travel_management | — | — |
| sap | hcm_travel_management | — | — |
| sap | hcm_travel_management | — | — |
| sap | hcm_travel_management | — | — |
| sap | hcm_travel_management | — | — |
| sap | hcm_travel_management | — | — |
| sap_se | sap_erp | < 600 | 600 |
| sap_se | sap_erp | < 602 | 602 |
| sap_se | sap_erp | < 603 | 603 |
| sap_se | sap_erp | < 604 | 604 |
| sap_se | sap_erp | < 605 | 605 |
| sap_se | sap_erp | < 606 | 606 |
| sap_se | sap_erp | < 607 | 607 |
| sap_se | sap_erp | < 608 | 608 |