CVE-2020-6212

Summary

Egypt localized withholding tax reports Clearing of Liabilities and Remittance Statement and Summary in SAP ERP (versions 618, 730, EAPPLGLO 607) and S/4 HANA (versions 100, 101, 102, 103, 104) do not perform necessary authorization checks for an authenticated user, allowing reading or modification of some tax reports, due to Missing Authorization Check.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP ERP< 618affected
SAP SESAP ERP< 730affected
SAP SESAP ERP< EAPPLGLO 607affected
SAP SESAP S/4 HANA< 100affected
SAP SESAP S/4 HANA< 101affected
SAP SESAP S/4 HANA< 102affected
SAP SESAP S/4 HANA< 103affected
SAP SESAP S/4 HANA< 104affected

Weaknesses

  • Missing Authorization Check

ADP Enrichment

CVE Program Container

Additional References

References