CVE-2020-6256

Summary

SAP Master Data Governance, versions - 748, 749, 750, 751, 752, 800, 801, 802, 803, 804, allows users to display change request details without having required authorizations, due to Missing Authorization Check.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP Master Data Governance< 748affected
SAP SESAP Master Data Governance< 749affected
SAP SESAP Master Data Governance< 750affected
SAP SESAP Master Data Governance< 751affected
SAP SESAP Master Data Governance< 752affected
SAP SESAP Master Data Governance< 800affected
SAP SESAP Master Data Governance< 801affected
SAP SESAP Master Data Governance< 802affected
SAP SESAP Master Data Governance< 803affected
SAP SESAP Master Data Governance< 804affected

Weaknesses

  • Missing Authorization Check

ADP Enrichment

CVE Program Container

Additional References

References