Lucene search

SapCVELIST:CVE-2020-6233

HistoryApr 14, 2020 - 6:34 p.m.

CVE-2020-6233

2020-04-1418:34:47

sap

www.cve.org

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

AI Score

4.6

Confidence

High

EPSS

0.001

Percentile

31.4%

JSON

SAP S/4 HANA (Financial Products Subledger and Banking Services), versions - FSAPPL 400, 450, 500 and S4FPSL 100, allows an authenticated user to run an analysis report due to Missing Authorization Check, resulting in slowing the system.

CNA Affected

[
  {
    "product": "SAP S/4 HANA (Financial Products Subledger and Banking Services) (FSAPPL)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 400"
      },
      {
        "status": "affected",
        "version": "< 450"
      },
      {
        "status": "affected",
        "version": "< 500"
      }
    ]
  },
  {
    "product": "SAP S/4 HANA (Financial Products Subledger and Banking Services) (S4FPSL)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 100"
      }
    ]
  }
]

References

launchpad.support.sap.com/#/notes/2904796

wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

AI Score

4.6

Confidence

High

EPSS

0.001

Percentile

31.4%

JSON

Related for CVELIST:CVE-2020-6233