CVE-2020-6251

Description

Under certain conditions or error scenarios SAP Business Objects Business Intelligence Platform, version 4.2, allows an attacker to access information which would otherwise be restricted.

CVSS breakdown

CVSS 3.0

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

None

Affected products

SAP_SE / SAP BusinessObjects Business Intelligence Platform< 4.2 – < 4.2

References

MISChttps://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=545396222
MISChttps://launchpad.support.sap.com/#/notes/2828558