Missing Authorization Check in SAP Master Data Governance Allows Unauthorized Display of Change Request Details
CVE-2020-6256 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
SAP Master Data Governance, versions - 748, 749, 750, 751, 752, 800, 801, 802, 803, 804, allows users to display change request details without having required authorizations, due to Missing Authorization Check.
Learn more about our User Device Pen Test.