CVE-2020-6259Missing Authorization in SE SAP Adaptive Server Enterprise

CWE-862Missing Authorization3 documents3 sources
Severity
6.5MEDIUMNVD
EPSS
0.3%
top 51.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SAP SE SAP Adaptive Server EnterpriseSAP Adaptive Server Enterprise
Timeline
PublishedMay 12
Latest updateMay 24

Description

Under certain conditions SAP Adaptive Server Enterprise, versions 15.7, 16.0, allows an attacker to access information which would otherwise be restricted leading to Missing Authorization Check.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

NVDsap/adaptive15.7, 16.0+1

🔴Vulnerability Details

2
GHSA
GHSA-c9wh-fj9q-2xrv: Under certain conditions SAP Adaptive Server Enterprise, versions 152022-05-24
CVEList
CVE-2020-6259: Under certain conditions SAP Adaptive Server Enterprise, versions 152020-05-12
CVE-2020-6259 — Missing Authorization | cvebase