Missing authorization check in a transaction within SAP Leasing (update provided in SAP_APPL 6.18, EA-APPL 6.0, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16 and 6.17). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
SAP
Authentication Bypass
Leasing
NVD
CVSS 3.1
2.7
EPSS
0.6%