CVE-2020-6218 Information

Description

Admin tools and Query Builder in SAP Business Objects Business Intelligence Platform versions 4.1 4.2 allows an attacker to access information that should otherwise be restricted leading to Information Disclosure.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

Reference

https://launchpad.support.sap.com//notes/2878507 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

NONE

Base Score

NONE

Base Severity

5.0