CVE-2020-6320

Published: Sep 9, 2020Modified: Nov 21, 2024

8.1

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Exploitability: 2.8 / Impact: 5.2

Source: NVD

Description

SAP Marketing (Servlet), version-130,140,150, allows an authenticated attacker to invoke certain functions that are restricted. Limited knowledge of payload is required for an attacker to exploit the vulnerability and perform tasks related to contact and interaction data which impacts Confidentiality and Integrity of data in the application.

Affected (3)

Products: Sap: Marketing

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Sap Marketing	Version 130
Sap Marketing	Version 140
Sap Marketing	Version 150

References (4)

https://launchpad.support.sap.com/#/notes/2961991

Source: cna@sap.com

Permissions Required

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700

Source: cna@sap.com

Vendor Advisory

https://launchpad.support.sap.com/#/notes/2961991

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.