Missing Authorization Check in SAP Banking Services (Generic Market Data) Allows Unauthorized Access and Data Manipulation
CVE-2020-6298 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
SAP Banking Services (Generic Market Data), versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data (GMD) and change related GMD key figure values, due to Missing Authorization Check.
Learn more about our User Device Pen Test.