Vulnerability in Sap Se Business Objects Intelligence Platform
CVE-2020-6245
SAP Business Objects Business Intelligence Platform, version 4.2, allows an attacker with access to local instance, to inject file or code that can be executed by the application due to Improper Control of Resource Identifiers.
EPSS: 0.001 (17.4th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H.
Affected products
- Sap Se Business Objects Intelligence Platform — versions < 4.2
Weakness classification (CWE)
References
- wiki.scn.sap.com/wiki/pages/viewpage.action (x_refsource_MISC)
- launchpad.support.sap.com/ (x_refsource_MISC)
Frequently asked questions
- What is CVE-2020-6245?
- CVE-2020-6245 is a medium-severity vulnerability in Sap Se Business Objects Intelligence Platform, classified under Resource Injection. CVSS score: 6.5/10. Published 2020-05-12.
- How severe is CVE-2020-6245?
- Medium severity. CVSS v3 base score is 6.5 out of 10.