CVE-2020-6212
Last modified
CVE-2020-6212 is a medium-severity vulnerability rated 5.4/10 on the CVSS scale. Egypt localized withholding tax reports Clearing of Liabilities and Remittance Statement and Summary in SAP ERP (versions 618, 730, EAPPLGLO 607) and S/4 HANA (versions 100, 101, 102, 103, 104) do not perform necessary authorization checks for an authenticated user, allowing reading or modification of some tax reports, due to Missing Authorization Check.. EPSS estimates a 0.65% chance of exploitation in the next 30 days.
Description
Egypt localized withholding tax reports Clearing of Liabilities and Remittance Statement and Summary in SAP ERP (versions 618, 730, EAPPLGLO 607) and S/4 HANA (versions 100, 101, 102, 103, 104) do not perform necessary authorization checks for an authenticated user, allowing reading or modification of some tax reports, due to Missing Authorization Check.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Sap | Erp | 607 |
| Sap | Erp | 618 |
| Sap | Erp | 730 |
| Sap | S\/4hana | 100 |
| Sap | S\/4hana | 101 |
| Sap | S\/4hana | 102 |
| Sap | S\/4hana | 103 |
| Sap | S\/4hana | 104 |
References
- https://launchpad.support.sap.com/#/notes/2864966Permissions Required, Vendor Advisory
- https://launchpad.support.sap.com/#/notes/2864966Permissions Required, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-6212?
How severe is CVE-2020-6212?
How do I fix CVE-2020-6212?
Are you affected by CVE-2020-6212?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST