Authentication Bypass in SAP Business Objects BI Platform on Unix
CVE-2020-6294
8.5HIGH
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 12 August 2020
What is CVE-2020-6294?
The vulnerability allows unauthorized access to functionalities within the SAP Business Objects Business Intelligence Platform on Unix systems. Specifically, Xvfb fails to implement necessary authentication checks, enabling attackers to exploit user identity-related functionalities without proper verification. This security oversight could lead to unauthorized data access and manipulation, underlining the importance of immediate remediation for affected versions 4.2 and 4.3.
Affected Version(s)
SAP Business Objects Business Intelligence Platform < 4.2 < 4.2
SAP Business Objects Business Intelligence Platform < 4.3 < 4.3