Sap Se Sap Erp vulnerabilities

6 known vulnerabilities affecting sap_se/sap_erp.

Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2020-6316MEDIUMCVSS 4.3fixed in 600fixed in 602+7 more2020-11-10
CVE-2020-6316 [MEDIUM] CWE-862 CVE-2020-6316: SAP ERP and SAP S/4 HANA allows an authenticated user to see cost records to objects to which he has SAP ERP and SAP S/4 HANA allows an authenticated user to see cost records to objects to which he has no authorization in PS reporting, leading to Missing Authorization check.
cvelistv5nvd
CVE-2020-6301HIGHCVSS 8.1fixed in 600fixed in 602+6 more2020-08-12
CVE-2020-6301 [HIGH] CWE-862 CVE-2020-6301: SAP ERP (HCM Travel Management), versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authen SAP ERP (HCM Travel Management), versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authenticated but unauthorized attacker to read, modify and settle trips, resulting in escalation of privileges, due to Missing Authorization Check.
cvelistv5nvd
CVE-2020-6268HIGHCVSS 8.1fixed in EA-FINSERV 600fixed in 603+10 more2020-06-10
CVE-2020-6268 [HIGH] CWE-862 CVE-2020-6268: Statutory Reporting for Insurance Companies in SAP ERP (EA-FINSERV versions - 600, 603, 604, 605, 60 Statutory Reporting for Insurance Companies in SAP ERP (EA-FINSERV versions - 600, 603, 604, 605, 606, 616, 617, 618, 800 and S4CORE versions 101, 102, 103, 104) does not execute the required authorization checks for an authenticated user, allowing an attacker to view and tamper with certain restricted data leading to Missing Authorization Check.
cvelistv5nvd
CVE-2020-6212MEDIUMCVSS 5.4fixed in 618fixed in 730+1 more2020-04-24
CVE-2020-6212 [MEDIUM] CWE-862 CVE-2020-6212: Egypt localized withholding tax reports Clearing of Liabilities and Remittance Statement and Summary Egypt localized withholding tax reports Clearing of Liabilities and Remittance Statement and Summary in SAP ERP (versions 618, 730, EAPPLGLO 607) and S/4 HANA (versions 100, 101, 102, 103, 104) do not perform necessary authorization checks for an authenticated user, allowing reading or modification of some tax reports, due to Missing Authorization Che
cvelistv5nvd
CVE-2020-6199MEDIUMCVSS 5.4fixed in 607fixed in 618+1 more2020-03-10
CVE-2020-6199 [MEDIUM] CWE-862 CVE-2020-6199: The view FIMENAV_COMPCERT in SAP ERP (MENA Certificate Management), EAPPGLO version 607, SAP_FIN ver The view FIMENAV_COMPCERT in SAP ERP (MENA Certificate Management), EAPPGLO version 607, SAP_FIN versions- 618, 730 and SAP S/4HANA (MENA Certificate Management), S4CORE versions- 100, 101, 102, 103, 104; does not have any authorization check to it due to which an attacker without an authorization group can maintain any company certificate, leading to
cvelistv5nvd
CVE-2020-6188HIGHCVSS 8.8v= 6.0v= 6.02+10 more2020-02-12
CVE-2020-6188 [HIGH] CWE-862 CVE-2020-6188: VAT Pro-Rata reports in SAP ERP (SAP_APPL versions 600, 602, 603, 604, 605, 606, 616 and SAP_FIN ver VAT Pro-Rata reports in SAP ERP (SAP_APPL versions 600, 602, 603, 604, 605, 606, 616 and SAP_FIN versions 617, 618, 700, 720, 730) and SAP S/4 HANA (versions 100, 101, 102, 103, 104) do not perform necessary authorization checks for an authenticated user leading to Missing Authorization Check.
cvelistv5nvd