CVE-2020-6241 — Vulnetix

CVE-2020-6241 PUBLISHED CVSS 8.800000190734863 HIGH

SAP Adaptive Server Enterprise, version 16.0, allows an authenticated user to execute crafted database queries to elevate privileges of users in the system, leading to SQL Injection.

EPSS 0.51% · 66.6th percentile

Risk Scores

CVSS v3.0

8.800000190734863

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.51%

66.6th percentile

Affected Products

Vendor	Product	Versions
sap	adaptive_server_enterprise	16.0
SAP SE	SAP Adaptive Server Enterprise	< 16.0
SAP	N/A

Timeline

May 12, 2020 CVE Published
Apr 14, 2021 EPSS Score
Jun 22, 2021 EPSS Score
Aug 24, 2021 EPSS Score
Oct 25, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Feb 27, 2022 EPSS Score
Apr 1, 2022 EPSS Score
May 1, 2022 EPSS Score
Jul 2, 2022 EPSS Score
Sep 4, 2022 EPSS Score

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=545396222 advisory
https://launchpad.support.sap.com/#/notes/2916927 url
https://nvd.nist.gov/vuln/detail/CVE-2020-6241 advisory

Open in Interactive Console →