CVE-2020-6208

SAP Business Objects Business Intelligence Platform (Crystal Reports), versions- 4.1, 4.2, allows an attacker with basic authorization to inject code that can be executed by the application and thus allowing the attacker to control the behaviour of the application, leading to Remote Code Execution. Although the mode of attack is only Local, multiple applications can be impacted as a result of the vulnerability.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sap:crystal_reports:4.1:*:*:*:*:*:*:*
cpe:2.3:a:sap:crystal_reports:4.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-03-10 21:15

Updated : 2024-02-04 20:39


NVD link : CVE-2020-6208

Mitre link : CVE-2020-6208

CVE.ORG link : CVE-2020-6208


JSON object : View

Products Affected

sap

  • crystal_reports
CWE
CWE-416

Use After Free