Missing Authorization Check in SAP Identity Management 8.0

Missing Authorization Check in SAP Identity Management 8.0

CVE-2020-6258 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

SAP Identity Management, version 8.0, does not perform necessary authorization checks for an authenticated user, allowing the attacker to view certain sensitive information of the victim, leading to Missing Authorization Check.

Learn more about our User Device Pen Test.