Vulnerability Details CVE-2020-6301
SAP ERP (HCM Travel Management), versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authenticated but unauthorized attacker to read, modify and settle trips, resulting in escalation of privileges, due to Missing Authorization Check.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.2%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 5.5
References
Products affected by CVE-2020-6301
-
cpe:2.3:a:sap:hcm_travel_management:600
-
cpe:2.3:a:sap:hcm_travel_management:602
-
cpe:2.3:a:sap:hcm_travel_management:603
-
cpe:2.3:a:sap:hcm_travel_management:604
-
cpe:2.3:a:sap:hcm_travel_management:605
-
cpe:2.3:a:sap:hcm_travel_management:606
-
cpe:2.3:a:sap:hcm_travel_management:607
-
cpe:2.3:a:sap:hcm_travel_management:608