CVE-2020-6242
published 2020-05-12CVE-2020-6242: SAP Business Objects Business Intelligence Platform (Live Data Connect), versions 1.0, 2.0, 2.1, 2.2, 2.3, allows an attacker to logon on the Central…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
SAP Business Objects Business Intelligence Platform (Live Data Connect), versions 1.0, 2.0, 2.1, 2.2, 2.3, allows an attacker to logon on the Central Management Console without password in case of the BIPRWS application server was not protected with some specific certificate, leading to Missing Authentication Check.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | businessobjects_business_intelligence_platform | — | — |
| sap | businessobjects_business_intelligence_platform | — | — |
| sap | businessobjects_business_intelligence_platform | — | — |
| sap | businessobjects_business_intelligence_platform | — | — |
| sap | businessobjects_business_intelligence_platform | — | — |
| sap_se | sap_business_objects_business_intelligence_platform | < 1.0 | 1.0 |
| sap_se | sap_business_objects_business_intelligence_platform | < 2.0 | 2.0 |
| sap_se | sap_business_objects_business_intelligence_platform | < 2.x | 2.x |