CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-6195

SAP Business Objects Business Intelligence Platform (CMC), version 4.1, 4.2, shows cleartext password in the response, leading to Information Disclosure. It involves social engineering in order to gain access to system and If password is known, it would give administrative rights to the attacker to read/modify delete the data and rights within the system.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.7%

CVSS Severity

CVSS v3 Score 6.4

CVSS v2 Score 5.0

References

https://launchpad.support.sap.com/#/notes/2878507
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202
https://launchpad.support.sap.com/#/notes/2878507
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202

Products affected by CVE-2020-6195

Sap » Businessobjects Business Intelligence Platform » Version: 4.1

cpe:2.3:a:sap:businessobjects_business_intelligence_platform:4.1
Sap » Businessobjects Business Intelligence Platform » Version: 4.2

cpe:2.3:a:sap:businessobjects_business_intelligence_platform:4.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6195

Products

Pricing

Contact Us