SAP S/4 HANA (Fiori UI for General Ledger Accounting), versions 103, 104, does not perform necessary authorization checks for an authenticated user working with attachment service, allowing the attacker to delete attachments due to Missing Authorization Check.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
EUVD-2020-27423 | SAP S/4 HANA (Fiori UI for General Ledger Accounting), versions 103, 104, does not perform necessary authorization checks for an authenticated user working with attachment service, allowing the attacker to delete attachments due to Missing Authorization Check. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: sap
Published:
Updated: 2024-08-04T08:55:22.195Z
Reserved: 2020-01-08T00:00:00
Link: CVE-2020-6273

No data.

Status : Modified
Published: 2020-08-12T14:15:13.783
Modified: 2024-11-21T05:35:25.230
Link: CVE-2020-6273

No data.

No data.