CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-6273

SAP S/4 HANA (Fiori UI for General Ledger Accounting), versions 103, 104, does not perform necessary authorization checks for an authenticated user working with attachment service, allowing the attacker to delete attachments due to Missing Authorization Check.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.5%

CVSS Severity

CVSS v3 Score 4.3

CVSS v2 Score 4.0

References

https://launchpad.support.sap.com/#/notes/2885671
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552603345
https://launchpad.support.sap.com/#/notes/2885671
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552603345

Products affected by CVE-2020-6273

Sap » S/4 Hana Fiori Ui For General Ledger Accounting » Version: 103

cpe:2.3:a:sap:s/4_hana_fiori_ui_for_general_ledger_accounting:103
Sap » S/4 Hana Fiori Ui For General Ledger Accounting » Version: 104

cpe:2.3:a:sap:s/4_hana_fiori_ui_for_general_ledger_accounting:104

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6273

Products

Pricing

Contact Us