CVE-2020-6241

Опубликовано: 12 мая 2020

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

SAP Adaptive Server Enterprise, version 16.0, allows an authenticated user to execute crafted database queries to elevate privileges of users in the system, leading to SQL Injection.

Ссылки

https://launchpad.support.sap.com/#/notes/2916927
Permissions Required
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=545396222
Vendor Advisory
https://launchpad.support.sap.com/#/notes/2916927
Permissions Required
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=545396222
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sap:adaptive_server_enterprise:16.0:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00508

Низкий

8.8 High

CVSS3

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-r2pq-px9m-8f6r

github

больше 3 лет назад

SAP Adaptive Server Enterprise, version 16.0, allows an authenticated user to execute crafted database queries to elevate privileges of users in the system, leading to SQL Injection.

EPSS

Процентиль: 66%

0.00508

Низкий

8.8 High

CVSS3

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89