CVE-2020-6227
5.3
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
Summary
SAP Business Objects Business Intelligence Platform (CMS / Auditing issues), version 4.2, allows attacker to send specially crafted GIOP packets to several services due to Improper Input Validation, allowing to forge additional entries in GLF log files.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP SE | SAP Business Objects Business Intelligence Platform (CMS / Auditing issues) | < 4.2 | affected |
Weaknesses
- Improper Input Validation
ADP Enrichment
CVE Program Container
Additional References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202
- https://launchpad.support.sap.com/#/notes/2863396
References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202
- https://launchpad.support.sap.com/#/notes/2863396
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.