CVE-2020-6245

medium

Description

SAP Business Objects Business Intelligence Platform, version 4.2, allows an attacker with access to local instance, to inject file or code that can be executed by the application due to Improper Control of Resource Identifiers.

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=545396222

https://launchpad.support.sap.com/#/notes/2828558

Details

Source: Mitre, NVD

Published: 2020-05-12

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 6.7

Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Severity: Medium

EPSS

EPSS: 0.00054