Unrated severityNVD Advisory· Published Mar 10, 2020· Updated Aug 4, 2024
CVE-2020-6204
CVE-2020-6204
Description
The selection query in SAP Treasury and Risk Management (Transaction Management) (EA-FINSERV?versions 600, 603, 604, 605, 606, 616, 617, 618, 800 and S4CORE versions 101, 102, 103, 104) returns more records than it should be when selecting and displaying the contract number, leading to Missing Authorization Check.
Affected products
3- Range: EA-FINSERV 600,603,604,605,606,616,617,618,800; S4CORE 101,102,103,104
- SAP SE/SAP Treasury and Risk Management (Transaction Management) (EA-FINSERV)v5Range: < 600
- SAP SE/SAP Treasury and Risk Management (Transaction Management) (S4CORE)v5Range: < 101
Patches
Vulnerability mechanics
References
2- launchpad.support.sap.commitrex_refsource_MISC
- wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.