CVE-2019-0384
https://notcve.org/view.php?id=CVE-2019-0384
Transaction Management in SAP Treasury and Risk Management (corrected in S4CORE versions 1.01, 1.02, 1.03, 1.04 and EA-FINSERV versions 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for functionalities that require user identity. Transaction Management en SAP Treasury and Risk Management (corregida en S4CORE versiones 1.01, 1.02, 1.03, 1.04 y EA-FINSERV versiones 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0), no realiza las comprobaciones de autorización necesarias para funcionalidades que requieren identidad de usuario. • https://launchpad.support.sap.com/#/notes/2828981 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390 • CWE-863: Incorrect Authorization •
CVE-2019-0383
https://notcve.org/view.php?id=CVE-2019-0383
Transaction Management in SAP Treasury and Risk Management (corrected in S4CORE versions 1.01, 1.02, 1.03, 1.04 and EA-FINSERV versions 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. Transaction Management en SAP Treasury and Risk Management (corregida en S4CORE versiones 1.01, 1.02, 1.03, 1.04 y EA-FINSERV versiones 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0), no realiza las comprobaciones de autorización necesarias para un usuario autenticado, resultando en una escalada de privilegios. • https://launchpad.support.sap.com/#/notes/2819170 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390 • CWE-863: Incorrect Authorization •