"value":"SAP Fiori apps for Travel Management in SAP ERP (My Travel Requests) - version 600, allows an authenticated attacker to exploit a certain misconfigured application endpoint to view sensitive data. This endpoint is normally exposed over the network and successful exploitation can lead to exposure of data like travel documents."
}
]
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang":"eng",
"value":"CWE-862: Missing Authorization",
"cweId":"CWE-862"
}
]
}
]
},
"affects":{
"vendor":{
"vendor_data":[
{
"vendor_name":"SAP_SE",
"product":{
"product_data":[
{
"product_name":"SAP Fiori apps 1.0 for travel management in SAP ERP (My Travel Requests)",