CVE-2020-6212 Information

Description

Egypt localized withholding tax reports Clearing of Liabilities and Remittance Statement and Summary in SAP ERP (versions 618 730 EAPPLGLO 607) and S/4 HANA (versions 100 101 102 103 104) do not perform necessary authorization checks for an authenticated user allowing reading or modification of some tax reports due to Missing Authorization Check.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Reference

https://launchpad.support.sap.com//notes/2864966 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

NONE

Base Severity

5.4