Code Injection Vulnerability in SAP Adaptive Server Enterprise Backup Server
CVE-2020-6248
9.1CRITICAL
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 12 May 2020
What is CVE-2020-6248?
A vulnerability has been identified in SAP Adaptive Server Enterprise (Backup Server), version 16.0, where inadequate validation checks for authenticated users during the execution of DUMP or LOAD commands could potentially allow an attacker to execute arbitrary code. This flaw emphasizes the importance of ensuring robust input validation mechanisms to prevent unwanted code execution and protect sensitive data.
Affected Version(s)
SAP Adaptive Server Enterprise (Backup Server) < 16.0