Lucene search
SapCVELIST:CVE-2020-6248HistoryMay 12, 2020 - 5:50 p.m.
CVE-2020-6248
2020-05-1217:50:57
sap
www.cve.org
5
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS
0.001
Percentile
40.0%
SAP Adaptive Server Enterprise (Backup Server), version 16.0, does not perform the necessary validation checks for an authenticated user while executing DUMP or LOAD command allowing arbitrary code execution or Code Injection.
CNA Affected
[
{
"product": "SAP Adaptive Server Enterprise (Backup Server)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 16.0"
}
]
}
]Related
cve
cve
CVE-2020-6248
2020-05-12 18:15:14
nvd
nvd
CVE-2020-6248
2020-05-12 18:15:14
prion
prion
Code injection
2020-05-12 18:15:00
thn
thn
Newly Patched SAP ASE Flaws Could Let Attackers Hack Database Servers
2020-06-03 12:56:00
threatpost
threatpost
Critical SAP ASE Flaws Allow Complete Control of Databases
2020-06-03 16:51:39
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS
0.001
Percentile
40.0%
Related for CVELIST:CVE-2020-6248