CVE-2020-6245 is a vulnerability in SAP Businessobjects Business Intelligence Platform
Published on May 12, 2020
SAP Business Objects Business Intelligence Platform, version 4.2, allows an attacker with access to local instance, to inject file or code that can be executed by the application due to Improper Control of Resource Identifiers.
Weakness Type
What is an Insecure Direct Object Reference Vulnerability?
The software receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control.
CVE-2020-6245 has been classified to as an Insecure Direct Object Reference vulnerability or weakness.
Products Associated with CVE-2020-6245
Want to know whenever a new CVE is published for SAP Businessobjects Business Intelligence Platform? stack.watch will email you.
Affected Versions
SAP SE SAP Business Objects Business Intelligence Platform Version < 4.2 is affected by CVE-2020-6245Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.