SAP ERP and SAP S/4 HANA allows an authenticated user to see cost records to objects to which he has no authorization in PS reporting, leading to Missing Authorization check.
References
Link | Resource |
---|---|
https://launchpad.support.sap.com/#/notes/2944188 | Permissions Required |
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: sap
Published: 2020-11-10T16:11:29
Updated: 2020-11-10T16:11:29
Reserved: 2020-01-08T00:00:00
Link: CVE-2020-6316
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-11-10T17:15:15.233
Modified: 2020-11-24T16:50:29.877
Link: CVE-2020-6316
JSON object: View
Redhat Information
No data.
CWE