Vulnerabilities > CVE-2020-6247 - Unspecified vulnerability in SAP Businessobjects Business Intelligence Platform 4.2

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

sap

NVD

Published: 2020-05-12

Updated: 2021-07-21

Summary

SAP Business Objects Business Intelligence Platform, version 4.2, allows an unauthenticated attacker to prevent legitimate users from accessing a service. Using a specially crafted request, the attacker can crash or flood the Central Management Server, thereby impacting system availability.

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP Businessobjects Business Intelligence Platform 4.2	1

References

https://launchpad.support.sap.com/#/notes/2828558
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=545396222