Information Disclosure Vulnerability in SAP Adaptive Server Enterprise
CVE-2020-6317
2.6LOW
Summary
This vulnerability allows an attacker with regular user credentials and local access to an ASE cockpit installation to view sensitive information contained in the installation log files. Although this information is sensitive, its utility is limited as it does not permit further access or manipulation of other data within the cockpit or overall system.
Affected Version(s)
SAP Adaptive Server Enterprise < 15.7 < 15.7
SAP Adaptive Server Enterprise < 16.0 < 16.0
References
CVSS V3.1
Score:
2.6
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved