A user associated with the Resource Administrator role who has access to the secure copy (scp) utility but does not have access to Advanced Shell (bash) can execute arbitrary commands using a maliciously crafted scp request. (CVE-2020-5873)
Impact
An authenticated user with Resource Administrator role can run shell commands with elevated privilege.