CVE-2020-6316
published 2020-11-10CVE-2020-6316: SAP ERP and SAP S/4 HANA allows an authenticated user to see cost records to objects to which he has no authorization in PS reporting, leading to Missing…
medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
SAP ERP and SAP S/4 HANA allows an authenticated user to see cost records to objects to which he has no authorization in PS reporting, leading to Missing Authorization check.
Affected
28 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | erp | — | — |
| sap | erp | — | — |
| sap | erp | — | — |
| sap | erp | — | — |
| sap | erp | — | — |
| sap | erp | — | — |
| sap | erp | — | — |
| sap | erp | — | — |
| sap | erp | — | — |
| sap | s_4hana | — | — |
| sap | s_4hana | — | — |
| sap | s_4hana | — | — |
| sap | s_4hana | — | — |
| sap | s_4hana | — | — |
| sap_se | sap_erp | < 600 | 600 |
| sap_se | sap_erp | < 602 | 602 |
| sap_se | sap_erp | < 603 | 603 |
| sap_se | sap_erp | < 604 | 604 |
| sap_se | sap_erp | < 605 | 605 |
| sap_se | sap_erp | < 606 | 606 |
| sap_se | sap_erp | < 616 | 616 |
| sap_se | sap_erp | < 617 | 617 |
| sap_se | sap_erp | < 618 | 618 |
| sap_se | sap_s_4_hana | < 100 | 100 |
| sap_se | sap_s_4_hana | < 101 | 101 |