CVE-2020-6208 is a vulnerability in SAP Crystal Reports
Published on March 10, 2020

SAP Business Objects Business Intelligence Platform (Crystal Reports), versions- 4.1, 4.2, allows an attacker with basic authorization to inject code that can be executed by the application and thus allowing the attacker to control the behaviour of the application, leading to Remote Code Execution. Although the mode of attack is only Local, multiple applications can be impacted as a result of the vulnerability.

NVD

Products Associated with CVE-2020-6208

Want to know whenever a new CVE is published for SAP Crystal Reports? stack.watch will email you.

SAP Crystal Reports

Affected Versions

SAP SE SAP Business Objects Business Intelligence Platform (Crystal Reports):

Version < 4.1 is affected.
Version < 4.2 is affected.

Exploit Probability

EPSS

2.60%

Percentile

85.41%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-6208 is a vulnerability in SAP Crystal ReportsPublished on March 10, 2020

Products Associated with CVE-2020-6208

Affected Versions

Exploit Probability

CVE-2020-6208 is a vulnerability in SAP Crystal Reports
Published on March 10, 2020