9 matches found
EUVD-2018-14274
Malware in sbrugna...
CVE-2019-0383
Transaction Management in SAP Treasury and Risk Management corrected in S4CORE versions 1.01, 1.02, 1.03, 1.04 and EA-FINSERV versions 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0 does not perform necessary authorization checks for an authenticated user, resulting in escalation of privilege...
CVE-2020-6204
CVE-2020-6204 affects SAP Treasury and Risk Management (Transaction Management) in EA-FINSERV?versions 600, 603, 604, 605, 606, 616, 617, 618, 800 and S4CORE versions 101, 102, 103, 104. The root cause is a selection/query that returns more records than expected when displaying the contract numbe...
CVE-2019-0384
Transaction Management in SAP Treasury and Risk Management corrected in S4CORE versions 1.01, 1.02, 1.03, 1.04 and EA-FINSERV versions 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0 does not perform necessary authorization checks for functionalities that require user identity...
SAP Treasury and Risk Management CVE-2019-0384 Remote Authorization Bypass Vulnerability
Description SAP Treasury and Risk Management is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP EA-FINSERV 6.0 SAP EA-FINSERV 6.03 SAP EA-FINSE...
SAP Treasury and Risk Management CVE-2019-0383 Remote Authorization Bypass Vulnerability
Description SAP Treasury and Risk Management is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP EA-FINSERV 6.0 SAP EA-FINSERV 6.03 SAP EA-FINSE...
CVE-2019-0280
CVE-2019-0280 affects SAP Treasury and Risk Management (EA-FINSERV 6.0, 6.03–6.06, 6.16–6.18, and 8.0; S4CORE 1.01–1.03). The issue is missing authorization checks on objects T_DEAL_DP and T_DEAL_PD, leading to escalation of privileges. The vulnerability is documented with HIGH impact per CVSSv3 ...
CVE-2018-2484
SAP Enterprise Financial Services fixed in SAPSCORE 1.13, 1.14, 1.15; S4CORE 1.01, 1.02, 1.03; EA-FINSERV 1.10, 2.0, 5.0, 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0; Bank/CFM 4.6320 does not perform necessary authorization checks for an authenticated user, resulting in escalation of...
CVE-2018-2419
CVE-2018-2419 concerns SAP Enterprise Financial Services (SAPSCORE 1.11/1.12; S4CORE 1.01/1.02; EA-FINSERV 6.x, 8.0) where an authenticated user can escalate privileges due to missing authorization checks. The description and related sources corroborate a privilege-escalation flaw without detaili...