Description
Banking services from SAP 9.0 (Bank Analyzer), version - 500, and SAP S/4HANA for financial products subledger, version � 100, does not correctly perform necessary authorization checks for an authenticated user due to Improper Authorization checks, that may cause a system administrator to create incorrect authorization proposals. This may result in privilege escalation and may expose restricted banking data.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| SAP SE | BANKING SERVICES FROM SAP 9.0(Bank Analyzer) | affected |
|
||||||
| SAP SE | S/4HANA FIN PROD SUBLDGR | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2020-27461 | Banking services from SAP 9.0 (Bank Analyzer), version - 500, and SAP S/4HANA for financial products subledger, version � 100, does not correctly perform necessary authorization checks for an authenticated user due to Improper Authorization checks, that may cause a system administrator to create incorrect authorization proposals. This may result in privilege escalation and may expose restricted banking data. |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: sap
Published:
Updated: 2024-08-04T08:55:22.265Z
Reserved: 2020-01-08T00:00:00.000Z
Link: CVE-2020-6311
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-09-09T14:15:12.820
Modified: 2024-11-21T05:35:29.153
Link: CVE-2020-6311
Redhat
No data.
OpenCVE Enrichment
No data.