8.8
CVE-2020-6296
- EPSS 0.5%
- Published 12.08.2020 14:15:14
- Last modified 21.11.2024 05:35:27
- Source cna@sap.com
- Teams watchlist Login
- Open Login
SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 753, 755, allows an attacker to inject code that can be executed by the application, leading to Code Injection. An attacker could thereby control the behavior of the application.
Data is provided by the National Vulnerability Database (NVD)
SAP ≫ Abap Platform Version7.31
SAP ≫ Abap Platform Version700
SAP ≫ Abap Platform Version701
SAP ≫ Abap Platform Version702
SAP ≫ Abap Platform Version710
SAP ≫ Abap Platform Version711
SAP ≫ Abap Platform Version740
SAP ≫ Abap Platform Version750
SAP ≫ Abap Platform Version751
SAP ≫ Abap Platform Version753
SAP ≫ Abap Platform Version755
SAP ≫ Netweaver Application Server Abap Version700
SAP ≫ Netweaver Application Server Abap Version701
SAP ≫ Netweaver Application Server Abap Version702
SAP ≫ Netweaver Application Server Abap Version710
SAP ≫ Netweaver Application Server Abap Version711
SAP ≫ Netweaver Application Server Abap Version731
SAP ≫ Netweaver Application Server Abap Version740
SAP ≫ Netweaver Application Server Abap Version750
SAP ≫ Netweaver Application Server Abap Version751
SAP ≫ Netweaver Application Server Abap Version753
SAP ≫ Netweaver Application Server Abap Version755
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.5% | 0.65 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.5 | 8 | 6.4 |
AV:N/AC:L/Au:S/C:P/I:P/A:P
|
| cna@sap.com | 8.3 | 2.8 | 5.5 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
|