CVE-2020-6259 — Vulnetix

CVE-2020-6259 PUBLISHED CVSS 6.5 MEDIUM

Under certain conditions SAP Adaptive Server Enterprise, versions 15.7, 16.0, allows an attacker to access information which would otherwise be restricted leading to Missing Authorization Check.

EPSS 0.25% · 48.8th percentile

Risk Scores

CVSS v3.0

6.5

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS Score

0.25%

48.8th percentile

Affected Products

Vendor	Product	Versions
SAP SE	SAP Adaptive Server Enterprise	< 15.7, < 16.0
sap	adaptive_server_enterprise	15.7, 16.0

Timeline

May 12, 2020 CVE Published
Apr 14, 2021 EPSS Score
Jun 22, 2021 EPSS Score
Aug 24, 2021 EPSS Score
Oct 25, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Feb 27, 2022 EPSS Score
Apr 1, 2022 EPSS Score
May 1, 2022 EPSS Score
Jul 2, 2022 EPSS Score
Sep 4, 2022 EPSS Score

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=545396222 url
https://launchpad.support.sap.com/#/notes/2920548 url
https://nvd.nist.gov/vuln/detail/CVE-2020-6259 advisory

Open in Interactive Console →