|
198711
|
8.1 |
HIGH
Network
|
sap
|
hcm_travel_management
|
SAP ERP (HCM Travel Management), versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authenticated but unauthorized attacker to read, modify and settle trips, resulting in escalation of priv…
|
CWE-862
Missing Authorization
|
CVE-2020-6301
|
2024-11-21 14:35 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198712
|
4.8 |
MEDIUM
Network
|
sap
|
businessobjects_business_intelligence_platform
|
SAP Business Objects Business Intelligence Platform (Central Management Console), versions- 4.2, 4.3, allows an attacker with administrator rights can use the web application to send malicious code t…
|
CWE-79
Cross-site Scripting
|
CVE-2020-6300
|
2024-11-21 14:35 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198713
|
4.3 |
MEDIUM
Network
|
sap
|
abap_platform
netweaver_application_server_abap
|
SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 740, 750, 751, 752, 753, 754, 755, allows a business user to access the list of users in the given system using value help, leading to Inform…
|
NVD-CWE-noinfo
|
CVE-2020-6299
|
2024-11-21 14:35 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198714
|
8.1 |
HIGH
Network
|
sap
|
generic_market_data
|
SAP Banking Services (Generic Market Data), versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data (GMD) and change related GMD key figure val…
|
CWE-862
Missing Authorization
|
CVE-2020-6298
|
2024-11-21 14:35 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198715
|
4.4 |
MEDIUM
Local
|
sap
|
data_intelligence
|
Under certain conditions the upgrade of SAP Data Hub 2.7 to SAP Data Intelligence, version - 3.0, allows an attacker to access confidential system configuration information, that should otherwise be …
|
NVD-CWE-noinfo
|
CVE-2020-6297
|
2024-11-21 14:35 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198716
|
8.8 |
HIGH
Network
|
sap
|
abap_platform
netweaver_application_server_abap
|
SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 753, 755, allows an attacker to inject code that can be executed by the application, leadin…
|
NVD-CWE-noinfo
|
CVE-2020-6296
|
2024-11-21 14:35 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198717
|
7.8 |
HIGH
Local
|
sap
|
adaptive_server_enterprise
|
Under certain conditions the SAP Adaptive Server Enterprise, version 16.0, allows an attacker to access encrypted sensitive and confidential information through publicly readable installation log fil…
|
CWE-532
CWE-732
Inclusion of Sensitive Information in Log Files
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-6295
|
2024-11-21 14:35 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198718
|
9.1 |
CRITICAL
Network
|
sap
|
businessobjects_business_intelligence_platform
|
Xvfb of SAP Business Objects Business Intelligence Platform, versions - 4.2, 4.3, platform on Unix does not perform any authentication checks for functionalities that require user identity.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-6294
|
2024-11-21 14:35 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198719
|
6.5 |
MEDIUM
Network
|
sap
|
netweaver_knowledge_management
|
SAP NetWeaver (Knowledge Management), versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to upload a malicious file and also to access, modify or make unavailable existing files bu…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-6293
|
2024-11-21 14:35 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198720
|
9.0 |
CRITICAL
Network
|
sap
|
netweaver_knowledge_management
|
SAP NetWeaver (Knowledge Management), versions - 7.30, 7.31, 7.40, 7.50, allows the automatic execution of script content in a stored file due to inadequate filtering with the accessing user's privil…
|
CWE-79
Cross-site Scripting
|
CVE-2020-6284
|
2024-11-21 14:35 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
