Unrated severityNVD Advisory· Published Mar 10, 2020· Updated Aug 4, 2024

CVE-2020-6199

Description

The view FIMENAV_COMPCERT in SAP ERP (MENA Certificate Management), EAPPGLO version 607, SAP_FIN versions- 618, 730 and SAP S/4HANA (MENA Certificate Management), S4CORE versions- 100, 101, 102, 103, 104; does not have any authorization check to it due to which an attacker without an authorization group can maintain any company certificate, leading to Missing Authorization Check.

Affected products

SAP/SAP ERP (MENA Certificate Management)llm-create
Range: EAPPGLO 607, SAP_FIN 618, 730
SAP SE/SAP ERP (EAPPGLO)v5
Range: < 607
SAP SE/SAP ERP (SAP_FIN)v5
Range: < 618
SAP SE/SAP S/4HANA (S4CORE)v5
Range: < 100

Patches

Vulnerability mechanics

References

launchpad.support.sap.commitrex_refsource_MISC
wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000