Under certain conditions, SAP Adaptive Server Enterprise (XP Server on Windows Platform), versions 15.7, 16.0, does not perform the necessary checks for an authenticated user while executing the extended stored procedure, allowing an attacker to read, modify, delete restricted data on connected servers, leading to Code Injection.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published: 2020-05-12T17:47:46

Updated: 2024-08-04T08:55:22.168Z

Reserved: 2020-01-08T00:00:00

Link: CVE-2020-6243

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-05-12T18:15:13.897

Modified: 2024-11-21T05:35:22.097

Link: CVE-2020-6243

cve-icon Redhat

No data.