CVE-2020-6218

Admin tools and Query Builder in SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, allows an attacker to access information that should otherwise be restricted, leading to Information Disclosure.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
sapCNA
5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
VendorProductVersion
sapbusinessobjects_business_intelligence_platform
4.1
sapbusinessobjects_business_intelligence_platform
4.2
𝑥
= Vulnerable software versions
References
https://launchpad.support.sap.com/#/notes/2878507
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202
https://launchpad.support.sap.com/#/notes/2878507
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202