Missing Authorization Check in SAP S/4 HANA Financial Products Subledger and Banking Services

Missing Authorization Check in SAP S/4 HANA Financial Products Subledger and Banking Services

CVE-2020-6233 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

SAP S/4 HANA (Financial Products Subledger and Banking Services), versions - FSAPPL 400, 450, 500 and S4FPSL 100, allows an authenticated user to run an analysis report due to Missing Authorization Check, resulting in slowing the system.

Learn more about our User Device Pen Test.