CVE-2020-6316 vulnerability in SAP Products
Published on November 10, 2020
SAP ERP and SAP S/4 HANA allows an authenticated user to see cost records to objects to which he has no authorization in PS reporting, leading to Missing Authorization check.
Products Associated with CVE-2020-6316
stack.watch emails you whenever new vulnerabilities are published in SAP Erp or SAP S4hana. Just hit a watch button to start following.
Affected Versions
SAP SE SAP ERP:- Version < 600 is affected.
- Version < 602 is affected.
- Version < 603 is affected.
- Version < 604 is affected.
- Version < 605 is affected.
- Version < 606 is affected.
- Version < 616 is affected.
- Version < 617 is affected.
- Version < 618 is affected.
- Version < 100 is affected.
- Version < 101 is affected.
- Version < 102 is affected.
- Version < 103 is affected.
- Version < 104 is affected.
Exploit Probability
EPSS
0.15%
Percentile
35.40%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.