← voltar
CVE-2020-6293

CVE-2020-6293

CVSS 7.3 HIGHEPSS 0.9%
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 7.3EPSS 0.9%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
12 ago 2020Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
SAP NetWeaver (Knowledge Management), versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to upload a malicious file and also to access, modify or make unavailable existing files but the impact is limited to the files themselves and is restricted by other policies such as access control lists and other upload file size restrictions, leading to Unrestricted File Upload.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Produtos afetados
SAP SE · SAP NetWeaver (Knowledge Management)

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://launchpad.support.sap.com/#/notes/2938162https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552603345