mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
75 lines
2.5 KiB
JSON
75 lines
2.5 KiB
JSON
{
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"data_version": "4.0",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2020-6271",
|
|
"ASSIGNER": "cna@sap.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "SAP SE",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "SAP Solution Manager (Problem Context Manager)",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_name": "<",
|
|
"version_value": "7.2"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "SAP Solution Manager (Problem Context Manager), version 7.2, does not perform the necessary authentication, allowing an attacker to consume large amounts of memory, causing the system to crash and read restricted data (files visible for technical administration users of the diagnostics agent)."
|
|
}
|
|
]
|
|
},
|
|
"impact": {
|
|
"cvss": {
|
|
"baseScore": "8.2",
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
|
|
"version": "3.0"
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Missing XML Validation"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775",
|
|
"refsource": "MISC",
|
|
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775"
|
|
},
|
|
{
|
|
"url": "https://launchpad.support.sap.com/#/notes/2931391",
|
|
"refsource": "MISC",
|
|
"name": "https://launchpad.support.sap.com/#/notes/2931391"
|
|
}
|
|
]
|
|
}
|
|
} |