Skip links
RedRays
Published in: sap note

CVE-2020-6269 Information Disclosure in SAP Business Objects Business Intelligence Platform, SAP security note 2905836

Author
Published on:

Description

Under certain conditions, SAP Business Objects allows an attacker to access information which would otherwise be restricted.

Some well-known impacts of Information Disclosure are –

  • Loss of information and system configuration confidentiality
  • Information gathering for further exploits and attacks 

Available fix and Supported packages

  • ENTERPRISE | 420 | 420
  • ENTERPRISE | 430 | 430
  • SBOP BI PLATFORM SERVERS 4.2 | SP007 | 001000
  • SBOP BI PLATFORM SERVERS 4.2 | SP008 | 000200
  • SBOP BI PLATFORM SERVERS 4.2 | SP009 | 000000
  • SBOP BI PLATFORM SERVERS 4.3 | SP000 | 000000

Affected component

    BI-DEV-WEB
    Platform Web Services

CVSS

Score: 4.3
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/2905836

TAGS

#Information-Exposure
#Information-Leak
#&160-CVE-2020-6269

You may also like