CVE-2020-6247

CWE-20Improper Input Validation3 documents3 sources
Severity
7.5HIGH
EPSS
0.3%
top 47.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SAP SE SAP Business Objects Business Intelligence PlatformSAP Businessobjects Business Intelligence Platform
Timeline
PublishedMay 12
Latest updateMay 24

Description

SAP Business Objects Business Intelligence Platform, version 4.2, allows an unauthenticated attacker to prevent legitimate users from accessing a service. Using a specially crafted request, the attacker can crash or flood the Central Management Server, thereby impacting system availability.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-wq2w-hx52-r5gj: SAP Business Objects Business Intelligence Platform, version 42022-05-24
CVEList
CVE-2020-6247: SAP Business Objects Business Intelligence Platform, version 42020-05-12
CVE-2020-6247 (HIGH CVSS 7.5) | SAP Business Objects Business Intel | cvebase.io