Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Adaptive Server Enterprise Security Vulnerabilities - 2020

cve
cve

CVE-2020-6241

SAP Adaptive Server Enterprise, version 16.0, allows an authenticated user to execute crafted database queries to elevate privileges of users in the system, leading to SQL Injection.

8.8CVSS

8.8AI Score

0.001EPSS

2020-05-12 06:15 PM
46
cve
cve

CVE-2020-6243

Under certain conditions, SAP Adaptive Server Enterprise (XP Server on Windows Platform), versions 15.7, 16.0, does not perform the necessary checks for an authenticated user while executing the extended stored procedure, allowing an attacker to read, modify, delete restricted data on connected ser...

8.8CVSS

8.5AI Score

0.001EPSS

2020-05-12 06:15 PM
45
cve
cve

CVE-2020-6250

SAP Adaptive Server Enterprise, version 16.0, allows an authenticated attacker to exploit certain misconfigured endpoints exposed over the adjacent network, to read system administrator password leading to Information Disclosure. This could help the attacker to read/write any data and even stop the...

6.8CVSS

7AI Score

0.0004EPSS

2020-05-12 06:15 PM
42
cve
cve

CVE-2020-6253

Under certain conditions, SAP Adaptive Server Enterprise (Web Services), versions 15.7, 16.0, allows an authenticated user to execute crafted database queries to elevate their privileges, modify database objects, or execute commands they are not otherwise authorized to execute, leading to SQL Injec...

7.2CVSS

7.7AI Score

0.001EPSS

2020-05-12 06:15 PM
39
cve
cve

CVE-2020-6259

Under certain conditions SAP Adaptive Server Enterprise, versions 15.7, 16.0, allows an attacker to access information which would otherwise be restricted leading to Missing Authorization Check.

6.5CVSS

6.3AI Score

0.001EPSS

2020-05-12 06:15 PM
40
cve
cve

CVE-2020-6295

Under certain conditions the SAP Adaptive Server Enterprise, version 16.0, allows an attacker to access encrypted sensitive and confidential information through publicly readable installation log files leading to a compromise of the installed Cockpit. This compromise could enable the attacker to vi...

7.8CVSS

7.3AI Score

0.0004EPSS

2020-08-12 02:15 PM
24
cve
cve

CVE-2020-6317

In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files. This information although sensitive is of limited utility and cannot be used to further access, modify or re...

3.5CVSS

3.9AI Score

0.0004EPSS

2020-11-30 07:15 PM
30