CVE-2018-2454
CVE-2018-2454 affects SAP Enterprise Financial Services versions 6.05, 6.06, 6.16, 6.17, 6.18 and 8.0 in the function EAFS_BCA_BUSOPR_2 . The issue arises from missing authorization checks for an authenticated user, enabling an escalation of privileges. NVD reports CVSSv3.0 base score 8.8 (HIGH) ...