Lucene search

K
nvd[email protected]NVD:CVE-2020-6250
HistoryMay 12, 2020 - 6:15 p.m.

CVE-2020-6250

2020-05-1218:15:14
web.nvd.nist.gov
3

CVSS2

6.7

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:A/AC:L/Au:S/C:P/I:P/A:C

CVSS3

6.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

6.5

Confidence

High

EPSS

0

Percentile

12.6%

SAP Adaptive Server Enterprise, version 16.0, allows an authenticated attacker to exploit certain misconfigured endpoints exposed over the adjacent network, to read system administrator password leading to Information Disclosure. This could help the attacker to read/write any data and even stop the server like an administrator.

Affected configurations

Nvd
Node
sapadaptive_server_enterpriseMatch16.0
VendorProductVersionCPE
sapadaptive_server_enterprise16.0cpe:2.3:a:sap:adaptive_server_enterprise:16.0:*:*:*:*:*:*:*

CVSS2

6.7

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:A/AC:L/Au:S/C:P/I:P/A:C

CVSS3

6.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

6.5

Confidence

High

EPSS

0

Percentile

12.6%

Related for NVD:CVE-2020-6250