Unrated severityNVD Advisory· Published May 12, 2020· Updated Aug 4, 2024
CVE-2020-6249
CVE-2020-6249
Description
The use of an admin backend report within SAP Master Data Governance, versions - S4CORE 101, S4FND 102, 103, 104, SAP_BS_FND 748; allows an attacker to execute crafted database queries, exposing the backend database, leading to SQL Injection.
Affected products
4- Range: S4CORE 101, S4FND 102, 103, 104, SAP_BS_FND 748
- SAP SE/SAP Master Data Governance (S4CORE)v5Range: < 101
- SAP SE/SAP Master Data Governance (S4FND)v5Range: < 102
- SAP SE/SAP Master Data Governance (SAP_BS_FND)v5Range: < 748
Patches
Vulnerability mechanics
References
2- launchpad.support.sap.commitrex_refsource_MISC
- wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.