CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-21467
https://notcve.org/view.php?id=CVE-2021-21467
12 Jan 2021 — SAP Banking Services (Generic Market Data) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. An unauthorized User is allowed to display restricted Business Partner Generic Market Data (GMD), due to improper authorization check. SAP Banking Services (Generic Market Data) no llevan a cabo las comprobaciones de autorización necesarias para un usuario autenticado, resultando en una escalada de privilegios. Un Usuario no autorizado puede mostrar el ... • https://launchpad.support.sap.com/#/notes/3008422 • CWE-862: Missing Authorization •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6362
https://notcve.org/view.php?id=CVE-2020-6362
20 Oct 2020 — SAP Banking Services version 500, use an incorrect authorization object in some of its reports. Although the affected reports are protected with otherauthorization objects, exploitation of the vulnerability could lead to privilege escalation and violation in segregation of duties, which in turn could lead to Service interruptions and system unavailability for the victim and users of the component. SAP Banking Services versión 500, usa un objeto de autorización incorrecto en algunos de sus reportes. Aun... • https://launchpad.support.sap.com/#/notes/2953212 • CWE-863: Incorrect Authorization •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2020-6233
https://notcve.org/view.php?id=CVE-2020-6233
14 Apr 2020 — SAP S/4 HANA (Financial Products Subledger and Banking Services), versions - FSAPPL 400, 450, 500 and S4FPSL 100, allows an authenticated user to run an analysis report due to Missing Authorization Check, resulting in slowing the system. SAP S/4 HANA (Financial Products Subledger and Banking Services), versiones - FSAPPL 400, 450, 500 y S4FPSL 100, permite a un usuario autenticado ejecutar un reporte de análisis debido a una Falta de Comprobación de Autorización, resultando en una desaceleración del sistema... • https://launchpad.support.sap.com/#/notes/2904796 • CWE-862: Missing Authorization •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-0276
https://notcve.org/view.php?id=CVE-2019-0276
12 Mar 2019 — Banking services from SAP 9.0 (FSAPPL version 5) and SAP S/4HANA Financial Products Subledger (S4FPSL, version 1) performs an inadequate authorization check for an authenticated user, potentially resulting in escalation of privileges. Los servicios bancarios de SAP 9.0 (FSAPPL, versión 5) y SAP S/4HANA Financial Products Subledger (S4FPSL, versión 1) realizan una comprobación de autorización inadecuada para un usuario autenticado, conduciendo a un escalado de privilegios. • http://www.securityfocus.com/bid/107353 • CWE-863: Incorrect Authorization •