CVE-2020-6239
4.4
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
Under certain conditions SAP Business One (Backup service), versions 9.3, 10.0, allows an attacker with admin permissions to view SYSTEM user password in clear text, leading to Information Disclosure.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP SE | SAP Business One (Backup service) | < 9.3 | affected |
| SAP SE | SAP Business One (Backup service) | < 10.0 | affected |
Weaknesses
- Information Disclosure
ADP Enrichment
CVE Program Container
Additional References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775
- https://launchpad.support.sap.com/#/notes/2908382
References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775
- https://launchpad.support.sap.com/#/notes/2908382
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.