Vulnerabilities > CVE-2020-6297 - Unspecified vulnerability in SAP Data Intelligence 3.0

CVSS 4.4 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

sap

NVD

Published: 2020-08-12

Updated: 2024-11-21

Summary

Under certain conditions the upgrade of SAP Data Hub 2.7 to SAP Data Intelligence, version - 3.0, allows an attacker to access confidential system configuration information, that should otherwise be restricted, leading to Information Disclosure.

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP Data Intelligence 3.0	1

References

https://launchpad.support.sap.com/#/notes/2940823
https://launchpad.support.sap.com/#/notes/2940823
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552603345
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552603345