Under certain conditions the SAP Adaptive Server Enterprise, version 16.0, allows an attacker to access encrypted sensitive and confidential information through publicly readable installation log files leading to a compromise of the installed Cockpit. This compromise could enable the attacker to view, modify and/or make unavailable any data associated with the Cockpit, leading to Information Disclosure.
References
Link | Resource |
---|---|
https://launchpad.support.sap.com/#/notes/2941332 | Permissions Required |
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552603345 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: sap
Published: 2020-08-12T13:28:28
Updated: 2020-08-12T13:28:28
Reserved: 2020-01-08T00:00:00
Link: CVE-2020-6295
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-08-12T14:15:14.127
Modified: 2021-07-21T11:39:23.747
Link: CVE-2020-6295
JSON object: View
Redhat Information
No data.