CVE-2020-6301

🗓️ 12 Aug 2020 13:50:55Reported by sapType

SAP ERP (HCM Travel Management) allows unauthorized attacker to read, modify and settle trip

Reporter	Title	Published	Views	Family All 8
CNVD	SAP HCM Travel Management Elevation of Privilege Vulnerability	6 Nov 202000:00	–	cnvd
Cvelist	CVE-2020-6301	12 Aug 202013:50	–	cvelist
EUVD	EUVD-2020-27451	7 Oct 202500:30	–	euvd
NCSC	Vulnerabilities fixed in SAP	13 Oct 202000:00	–	ncsc
NVD	CVE-2020-6301	12 Aug 202014:15	–	nvd
OSV	CVE-2020-6301	12 Aug 202014:15	–	osv
Prion	Authorization	12 Aug 202014:15	–	prion
RedhatCVE	CVE-2020-6301	22 May 202517:30	–	redhatcve

NVD

Vulners

Node

sap hcm_travel_managementMatch600

sap hcm_travel_managementMatch602

sap hcm_travel_managementMatch603

sap hcm_travel_managementMatch604

sap hcm_travel_managementMatch605

sap hcm_travel_managementMatch606

sap hcm_travel_managementMatch607

sap hcm_travel_managementMatch608

[
  {
    "product": "SAP ERP (HCM Travel Management)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 600"
      },
      {
        "status": "affected",
        "version": "< 602"
      },
      {
        "status": "affected",
        "version": "< 603"
      },
      {
        "status": "affected",
        "version": "< 604"
      },
      {
        "status": "affected",
        "version": "< 605"
      },
      {
        "status": "affected",
        "version": "< 606"
      },
      {
        "status": "affected",
        "version": "< 607"
      },
      {
        "status": "affected",
        "version": "< 608"
      }
    ]
  }
]

Source	Link
launchpad	www.launchpad.support.sap.com/
wiki	www.wiki.scn.sap.com/wiki/pages/viewpage.action

21 Nov 2024 05:35Current

8High risk

Vulners AI Score8

CVSS 25.5

CVSS 3.18.1

CVSS 35.4

EPSS0.00179

CWE-862