{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T19:38:55.759","vulnerabilities":[{"cve":{"id":"CVE-2020-6270","sourceIdentifier":"cna@sap.com","published":"2020-06-10T13:15:18.477","lastModified":"2024-11-21T05:35:24.910","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SAP NetWeaver AS ABAP (Banking Services), versions - 710, 711, 740, 750, 751, 752, 75A, 75B, 75C, 75D, 75E, does not perform necessary authorization checks for an authenticated user due to Missing Authorization Check, allowing wrong and unexpected change of individual conditions by a malicious user leading to wrong prices."},{"lang":"es","value":"SAP NetWeaver AS ABAP (Banking Services), versiones: 710, 711, 740, 750, 751, 752, 75A, 75B, 75C, 75D, 75E, no realiza las comprobaciones de autorización necesarias para un usuario autenticado debido a la Falta de Comprobación de Autorización, permitiendo un cambio incorrecto e inesperado de condiciones individuales por un usuario malicioso conllevando a precios incorrectos"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV30":[{"source":"cna@sap.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:75a:*:*:*:*:*:*:*","matchCriteriaId":"BF4998F3-74DB-4E8C-BBEA-DFE0246D9C49"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:75b:*:*:*:*:*:*:*","matchCriteriaId":"2C81F522-B48C-4FF1-BABF-1BD32D6E950F"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:75c:*:*:*:*:*:*:*","matchCriteriaId":"D40BB558-1858-4EE4-8569-94C210AAC5DE"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:75d:*:*:*:*:*:*:*","matchCriteriaId":"51091237-042F-4056-8A49-178CDB486AF3"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:75e:*:*:*:*:*:*:*","matchCriteriaId":"FD164F9E-A9FA-4DCD-82EC-2C6C79F4D79D"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:710:*:*:*:*:*:*:*","matchCriteriaId":"9B5BF1EC-C2A6-486B-8E63-0A7ED431C1F0"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:711:*:*:*:*:*:*:*","matchCriteriaId":"17847B21-8BE6-4359-913B-B6592D37C655"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:740:*:*:*:*:*:*:*","matchCriteriaId":"127E508F-6CC1-41C8-96DF-8D14FFDD4020"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:750:*:*:*:*:*:*:*","matchCriteriaId":"7777AA80-1608-420E-B7D5-09ABECD51728"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:751:*:*:*:*:*:*:*","matchCriteriaId":"0539618A-1C4D-463F-B2BB-DD1C239C23EB"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:752:*:*:*:*:*:*:*","matchCriteriaId":"62828DCD-F80E-4C7C-A988-EFEA06A5223E"}]}]}],"references":[{"url":"https://launchpad.support.sap.com/#/notes/2916562","source":"cna@sap.com","tags":["Permissions Required"]},{"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775","source":"cna@sap.com","tags":["Vendor Advisory"]},{"url":"https://launchpad.support.sap.com/#/notes/2916562","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required"]},{"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}