CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-6244

SAP Business Client, version 7.0, allows an attacker after a successful social engineering attack to inject malicious code as a DLL file in untrusted directories that can be executed by the application, due to uncontrolled search path element. An attacker could thereby control the behavior of the application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 22.3%

CVSS Severity

CVSS v3 Score 7.0

CVSS v2 Score 4.4

References

https://launchpad.support.sap.com/#/notes/2911801
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=545396222
https://launchpad.support.sap.com/#/notes/2911801
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=545396222

Products affected by CVE-2020-6244

Sap » Business Client » Version: 6.0

cpe:2.3:a:sap:business_client:6.0
Sap » Business Client » Version: 6.5

cpe:2.3:a:sap:business_client:6.5
Sap » Business Client » Version: 7.0

cpe:2.3:a:sap:business_client:7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6244

Products

Pricing

Contact Us