CVE-2020-6301

SAP ERP (HCM Travel Management), versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authenticated but unauthorized attacker to read, modify and settle trips, resulting in escalation of privileges, due to Missing Authorization Check.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sap:hcm_travel_management:600:*:*:*:*:*:*:*
cpe:2.3:a:sap:hcm_travel_management:602:*:*:*:*:*:*:*
cpe:2.3:a:sap:hcm_travel_management:603:*:*:*:*:*:*:*
cpe:2.3:a:sap:hcm_travel_management:604:*:*:*:*:*:*:*
cpe:2.3:a:sap:hcm_travel_management:605:*:*:*:*:*:*:*
cpe:2.3:a:sap:hcm_travel_management:606:*:*:*:*:*:*:*
cpe:2.3:a:sap:hcm_travel_management:607:*:*:*:*:*:*:*
cpe:2.3:a:sap:hcm_travel_management:608:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-08-12 14:15

Updated : 2024-02-28 17:47


NVD link : CVE-2020-6301

Mitre link : CVE-2020-6301

CVE.ORG link : CVE-2020-6301


JSON object : View

Products Affected

sap

  • hcm_travel_management
CWE
CWE-862

Missing Authorization