CVE-2020-6296

SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 753, 755, allows an attacker to inject code that can be executed by the application, leading to Code Injection. An attacker could thereby control the behavior of the application.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
sapCNA
8.3 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 65%
VendorProductVersion
sapabap_platform
7.31
𝑥
= Vulnerable software versions
References
https://launchpad.support.sap.com/#/notes/2941667
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552603345
https://launchpad.support.sap.com/#/notes/2941667
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552603345