CVE-2020-6245

Sažetak

SAP Business Objects Business Intelligence Platform, version 4.2, allows an attacker with access to local instance, to inject file or code that can be executed by the application due to Improper Control of Resource Identifiers.

Reference

https://launchpad.support.sap.com/#/notes/2828558
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=545396222

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

14-05-2020 - 19:03

Objavljeno

12-05-2020 - 18:15