SAP Banking Services version 500, use an incorrect authorization object in some of its reports. Although the affected reports are protected with otherauthorization objects, exploitation of the vulnerability could lead to privilege escalation and violation in segregation of duties, which in turn could lead to Service interruptions and system unavailability for the victim and users of the component.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published: 2020-10-20T13:31:51

Updated: 2024-08-04T09:02:39.846Z

Reserved: 2020-01-08T00:00:00

Link: CVE-2020-6362

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-10-20T14:15:14.413

Modified: 2024-11-21T05:35:34.860

Link: CVE-2020-6362

cve-icon Redhat

No data.