CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-6311

Banking services from SAP 9.0 (Bank Analyzer), version - 500, and SAP S/4HANA for financial products subledger, version � 100, does not correctly perform necessary authorization checks for an authenticated user due to Improper Authorization checks, that may cause a system administrator to create incorrect authorization proposals. This may result in privilege escalation and may expose restricted banking data.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.8%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

https://launchpad.support.sap.com/#/notes/2951325
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700
https://launchpad.support.sap.com/#/notes/2951325
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700

Products affected by CVE-2020-6311

Sap » Bank Analyzer » Version: 500

cpe:2.3:a:sap:bank_analyzer:500
Sap » S/4hana For Financial Products Subledger » Version: 100

cpe:2.3:a:sap:s/4hana_for_financial_products_subledger:100

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6311

Products

Pricing

Contact Us