Vulnerabilities > SAP > Enterprise Financial Services

DATE CVE VULNERABILITY TITLE RISK
2021-03-09 CVE-2021-21486 Missing Authorization vulnerability in SAP Enterprise Financial Services
SAP Enterprise Financial Services versions, 101, 102, 103, 104, 105, 600, 603, 604, 605, 606, 616, 617, 618, 800, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
network
low complexity
sap CWE-862
6.5
6.5
2018-09-11 CVE-2018-2455 Missing Authorization vulnerability in SAP Enterprise Financial Services
SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16, 6.17, 6.18, 8.0 (in business function EAFS_BCA_BUSOPR_SEPA) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
network
low complexity
sap CWE-862
6.5
6.5
2018-09-11 CVE-2018-2454 Missing Authorization vulnerability in SAP Enterprise Financial Services
SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16, 6.17, 6.18, 8.0 (in business function EAFS_BCA_BUSOPR_2) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
network
low complexity
sap CWE-862
6.5
6.5