CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
22.7%
SAP NetWeaver AS ABAP (Banking Services), versions - 710, 711, 740, 750, 751, 752, 75A, 75B, 75C, 75D, 75E, does not perform necessary authorization checks for an authenticated user due to Missing Authorization Check, allowing wrong and unexpected change of individual conditions by a malicious user leading to wrong prices.
Vendor | Product | Version | CPE |
---|---|---|---|
sap | netweaver_application_server_abap | 75a | cpe:2.3:a:sap:netweaver_application_server_abap:75a:*:*:*:*:*:*:* |
sap | netweaver_application_server_abap | 75b | cpe:2.3:a:sap:netweaver_application_server_abap:75b:*:*:*:*:*:*:* |
sap | netweaver_application_server_abap | 75c | cpe:2.3:a:sap:netweaver_application_server_abap:75c:*:*:*:*:*:*:* |
sap | netweaver_application_server_abap | 75d | cpe:2.3:a:sap:netweaver_application_server_abap:75d:*:*:*:*:*:*:* |
sap | netweaver_application_server_abap | 75e | cpe:2.3:a:sap:netweaver_application_server_abap:75e:*:*:*:*:*:*:* |
sap | netweaver_application_server_abap | 710 | cpe:2.3:a:sap:netweaver_application_server_abap:710:*:*:*:*:*:*:* |
sap | netweaver_application_server_abap | 711 | cpe:2.3:a:sap:netweaver_application_server_abap:711:*:*:*:*:*:*:* |
sap | netweaver_application_server_abap | 740 | cpe:2.3:a:sap:netweaver_application_server_abap:740:*:*:*:*:*:*:* |
sap | netweaver_application_server_abap | 750 | cpe:2.3:a:sap:netweaver_application_server_abap:750:*:*:*:*:*:*:* |
sap | netweaver_application_server_abap | 751 | cpe:2.3:a:sap:netweaver_application_server_abap:751:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
22.7%