{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T19:57:22.416","vulnerabilities":[{"cve":{"id":"CVE-2020-6362","sourceIdentifier":"cna@sap.com","published":"2020-10-20T14:15:14.413","lastModified":"2024-11-21T05:35:34.860","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SAP Banking Services version 500, use an incorrect authorization object in some of its reports. Although the affected reports are protected with otherauthorization objects, exploitation of the vulnerability could lead to privilege escalation and violation in segregation of duties, which in turn could lead to Service interruptions and system unavailability for the victim and users of the component."},{"lang":"es","value":"SAP Banking Services versión 500, usa un objeto de autorización incorrecto en algunos de sus reportes. Aunque los reportes afectados están protegidos con otros objetos de autorización, la explotación de la vulnerabilidad podría conducir a una escalada de privilegios y una violación en la segregación de funciones, lo que a su vez podría conllevar a interrupciones del servicio y una falta de disponibilidad del sistema para la víctima y los usuarios del componente"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV30":[{"source":"cna@sap.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:N/A:C","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sap:banking_services:500:*:*:*:*:*:*:*","matchCriteriaId":"454A0980-DF72-4083-B42D-DFD7BDE7A5CD"}]}]}],"references":[{"url":"https://launchpad.support.sap.com/#/notes/2953212","source":"cna@sap.com","tags":["Permissions Required","Vendor Advisory"]},{"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196","source":"cna@sap.com","tags":["Vendor Advisory"]},{"url":"https://launchpad.support.sap.com/#/notes/2953212","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Vendor Advisory"]},{"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}