cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2020-6204,https://securityvulnerability.io/vulnerability/CVE-2020-6204,Data Exposure in SAP Treasury and Risk Management by SAP,"A critical issue in SAP Treasury and Risk Management (Transaction Management) allows for an excessive number of records to be returned during query operations when displaying contract numbers. This results in a lack of proper authorization checks, potentially exposing sensitive data to unauthorized users. The impact spans multiple versions of EA-FINSERV and S4CORE, necessitating immediate action to mitigate security risks.",SAP,"SAP Treasury And Risk Management (transaction Management) (ea-finserv),SAP Treasury And Risk Management (transaction Management) (s4core)",4.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2020-03-10T20:20:12.000Z,0
CVE-2019-0384,https://securityvulnerability.io/vulnerability/CVE-2019-0384,Vulnerability in Transaction Management of SAP Treasury and Risk Management,"In SAP Treasury and Risk Management, inadequate authorization checks in the transaction management module could allow unauthorized access to functionalities that necessitate user identification. This oversight poses a significant risk, potentially enabling unauthorized users to perform actions that should only be permissible by authenticated personnel. SAP has released updates in specific versions of S4CORE and EA-FINSERV to address and rectify this vulnerability.",SAP,"SAP Treasury And Risk Management (s4core),SAP Treasury And Risk Management (ea-finserv)",8.8,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2019-12-17T19:24:06.000Z,0
CVE-2019-0383,https://securityvulnerability.io/vulnerability/CVE-2019-0383,Authorization Bypass in SAP Treasury and Risk Management by SAP,"The absence of adequate authorization checks in SAP Treasury and Risk Management allows authenticated users to escalate their privileges, potentially leading to unauthorized access to sensitive information and actions within the application. This vulnerability affects specific versions of the S4CORE and EA-FINSERV products, necessitating updates to ensure the integrity and security of the system. Users should promptly implement the recommended updates to mitigate security risks.",SAP,"SAP Treasury And Risk Management (s4core),SAP Treasury And Risk Management (ea-finserv)",8.8,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2019-12-17T19:21:56.000Z,0
CVE-2019-0280,https://securityvulnerability.io/vulnerability/CVE-2019-0280,Privilege Escalation in SAP Treasury and Risk Management by SAP,"SAP Treasury and Risk Management versions EA-FINSERV and S4CORE are affected by a vulnerability that lacks necessary authorization checks for critical authorization objects, specifically T_DEAL_DP and T_DEAL_PD. This oversight could allow unauthorized users to escalate their privileges, granting them access to sensitive financial data and operational capabilities they would not normally have. Organizations utilizing these versions should prioritize applying the updates provided by SAP to mitigate potential risks associated with this vulnerability.",SAP,"SAP Treasury And Risk Management(ea-finserv),SAP Enterprise Financial Services (s4core)",8.8,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2019-05-14T20:20:04.000Z,0