Vulnerability Details CVE-2020-6214
SAP S/4HANA (Financial Products Subledger), version 100, uses an incorrect authorization object in some reports. Although the affected reports are protected with other authorization objects, exploitation of the vulnerability would allow an authenticated attacker to view, change, or delete data, thereby preventing the proper segregation of duties in the system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.5%
CVSS Severity
CVSS v3 Score 4.7
CVSS v2 Score 6.5
References