In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files. This information although sensitive is of limited utility and cannot be used to further access, modify or render unavailable any other information in the cockpit or system. This affects SAP Adaptive Server Enterprise, Versions - 15.7, 16.0.
References
Link | Resource |
---|---|
https://launchpad.support.sap.com/#/notes/2953203 | Permissions Required |
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: sap
Published: 2020-11-30T18:53:12
Updated: 2020-11-30T18:56:57
Reserved: 2020-01-08T00:00:00
Link: CVE-2020-6317
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-11-30T19:15:12.537
Modified: 2021-07-21T11:39:23.747
Link: CVE-2020-6317
JSON object: View
Redhat Information
No data.
CWE