CVE-2020-6212
MEDIUMSAP ERP and S/4 HANA - Missing Authorization Check in Egypt Localized Withholding Tax Reports
Title source: llmDescription
Egypt localized withholding tax reports Clearing of Liabilities and Remittance Statement and Summary in SAP ERP (versions 618, 730, EAPPLGLO 607) and S/4 HANA (versions 100, 101, 102, 103, 104) do not perform necessary authorization checks for an authenticated user, allowing reading or modification of some tax reports, due to Missing Authorization Check.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202
Permissions Required, Vendor Advisory x_refsource_misc
https://launchpad.support.sap.com/#/notes/2864966
Scores
CVSS v3
5.4
EPSS
0.0013
EPSS Percentile
31.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Details
CWE
CWE-862
Status
published
Products (8)
sap/erp
607
sap/erp
618
sap/erp
730
sap/s\/4hana
100
sap/s\/4hana
101
sap/s\/4hana
102
sap/s\/4hana
103
sap/s\/4hana
104
Published
Apr 24, 2020
Tracked Since
Feb 18, 2026