Known Vulnerabilities
CVE-2021-21467
SAP Banking Services (Generic Market Data) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. An unauthorized User is allowed to display restricted Business Partner Generic Market Data (GMD), due to improper authorization check.
MEDIUM
CVSS 4.3
Published Jan 12, 2021
CVE-2020-6298
SAP Banking Services (Generic Market Data), versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data (GMD) and change related GMD key figure values, due to Missing Authorization Check.
HIGH
CVSS 8.3
Published Aug 12, 2020