CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-6236

SAP Landscape Management, version 3.0, and SAP Adaptive Extensions, version 1.0, allows an attacker with admin_group privileges to change ownership and permissions (including S-user ID bit s-bit) of arbitrary files remotely. This results in the possibility to execute these files as root user from a non-root context, leading to Privilege Escalation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.9%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

References

https://launchpad.support.sap.com/#/notes/2902456
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202
https://launchpad.support.sap.com/#/notes/2902456
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202

Products affected by CVE-2020-6236

Sap » Adaptive Extensions » Version: 1.0

cpe:2.3:a:sap:adaptive_extensions:1.0
Sap » Landscape Management » Version: 3.0

cpe:2.3:a:sap:landscape_management:3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6236

Products

Pricing

Contact Us