CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 0CVE-2019-0384
https://notcve.org/view.php?id=CVE-2019-0384
17 Dec 2019 — Transaction Management in SAP Treasury and Risk Management (corrected in S4CORE versions 1.01, 1.02, 1.03, 1.04 and EA-FINSERV versions 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for functionalities that require user identity. Transaction Management en SAP Treasury and Risk Management (corregida en S4CORE versiones 1.01, 1.02, 1.03, 1.04 y EA-FINSERV versiones 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0), no realiza las comprobaciones de autori... • https://launchpad.support.sap.com/#/notes/2828981 • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 0CVE-2019-0383
https://notcve.org/view.php?id=CVE-2019-0383
17 Dec 2019 — Transaction Management in SAP Treasury and Risk Management (corrected in S4CORE versions 1.01, 1.02, 1.03, 1.04 and EA-FINSERV versions 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. Transaction Management en SAP Treasury and Risk Management (corregida en S4CORE versiones 1.01, 1.02, 1.03, 1.04 y EA-FINSERV versiones 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0), no realiza las compro... • https://launchpad.support.sap.com/#/notes/2819170 • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 19EXPL: 0CVE-2018-2484
https://notcve.org/view.php?id=CVE-2018-2484
08 Jan 2019 — SAP Enterprise Financial Services (fixed in SAPSCORE 1.13, 1.14, 1.15; S4CORE 1.01, 1.02, 1.03; EA-FINSERV 1.10, 2.0, 5.0, 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0; Bank/CFM 4.63_20) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. SAP Enterprise Financial Services (solucionado en SAPSCORE 1.13, 1.14, 1.15; S4CORE 1.01, 1.02, 1.03; EA-FINSERV 1.10, 2.0, 5.0, 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0; Bank/CFM 4.63_20) no rea... • http://www.securityfocus.com/bid/106477 • CWE-862: Missing Authorization •