admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-63xx/CVE-2020-6317.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

138 lines
4.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-6317",
"sourceIdentifier": "cna@sap.com",
"published": "2020-11-30T19:15:12.537",
"lastModified": "2021-07-21T11:39:23.747",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files. This information although sensitive is of limited utility and cannot be used to further access, modify or render unavailable any other information in the cockpit or system. This affects SAP Adaptive Server Enterprise, Versions - 15.7, 16.0."
},
{
"lang": "es",
"value": "En determinadas situaciones, un atacante con credenciales de usuario normales y acceso local a una instalaci\u00f3n de cabina ASE puede acceder a informaci\u00f3n confidencial que se muestra en los archivos de registro de instalaci\u00f3n. Esta informaci\u00f3n, aunque confidencial, es de utilidad limitada y no se puede utilizar para acceder, modificar o hacer que no est\u00e9 disponible ninguna otra informaci\u00f3n en la cabina o el sistema. Esto afecta a SAP Adaptive Server Enterprise, versiones - 15.7, 16.0"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV30": [
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:S/C:P/I:N/A:N",
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.7
},
"baseSeverity": "LOW",
"exploitabilityScore": 5.1,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:adaptive_server_enterprise:15.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F4E3F2F1-91CA-465B-831F-3493F41EFEFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:adaptive_server_enterprise:16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96E0D26B-8929-4A77-A6C1-240B4DADB9BD"
}
]
}
]
}
],
"references": [
{
"url": "https://launchpad.support.sap.com/#/notes/2953203",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink