Sign-up

ID

VAR-202003-1742


CVE

CVE-2020-6208


TITLE

SAP Business Objects Business Intelligence Platform Code injection vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-002715

DESCRIPTION

SAP Business Objects Business Intelligence Platform (Crystal Reports), versions- 4.1, 4.2, allows an attacker with basic authorization to inject code that can be executed by the application and thus allowing the attacker to control the behaviour of the application, leading to Remote Code Execution. Although the mode of attack is only Local, multiple applications can be impacted as a result of the vulnerability. (DoS) May be in a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of RPT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process

Trust: 2.25

sources: NVD: CVE-2020-6208 // JVNDB: JVNDB-2020-002715 // ZDI: ZDI-20-291

AFFECTED PRODUCTS

vendor:sapmodel:crystal reportsscope:eqversion:4.1

Trust: 1.8

vendor:sapmodel:crystal reportsscope:eqversion:4.2

Trust: 1.8

vendor:sapmodel:crystal reportsscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-20-291 // JVNDB: JVNDB-2020-002715 // NVD: CVE-2020-6208

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-6208
value: HIGH

Trust: 1.0

cna@sap.com: CVE-2020-6208
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-002715
value: HIGH

Trust: 0.8

ZDI: CVE-2020-6208
value: HIGH

Trust: 0.7

CNNVD: CNNVD-202003-600
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2020-6208
severity: MEDIUM
baseScore: 4.4
vectorString: AV:L/AC:M/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.4
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-002715
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

nvd@nist.gov: CVE-2020-6208
baseSeverity: HIGH
baseScore: 8.2
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.5
impactScore: 6.0
version: 3.1

Trust: 1.0

cna@sap.com: CVE-2020-6208
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.8
impactScore: 6.0
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-002715
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2020-6208
baseSeverity: HIGH
baseScore: 8.2
vectorString: AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.5
impactScore: 6.0
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-20-291 // JVNDB: JVNDB-2020-002715 // CNNVD: CNNVD-202003-600 // NVD: CVE-2020-6208 // NVD: CVE-2020-6208

PROBLEMTYPE DATA

problemtype:CWE-416

Trust: 1.0

problemtype:CWE-94

Trust: 0.8

sources: JVNDB: JVNDB-2020-002715 // NVD: CVE-2020-6208

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202003-600

TYPE

code injection

Trust: 0.6

sources: CNNVD: CNNVD-202003-600

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-002715

PATCH
title:SAP Security Patch Day - March 2020url:https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305
Trust: 0.8
title:SAP has issued an update to correct this vulnerability.#/notes/2861301url:https://launchpad.support.sap.com/
Trust: 0.7
title:SAP Business Objects Business Intelligence Platform Fixes for code injection vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=112026
Trust: 0.6
sources:
            
            
            ZDI: ZDI-20-291 // 
            
            
            
            JVNDB: JVNDB-2020-002715 // 
            
            
            
            CNNVD: CNNVD-202003-600

EXTERNAL IDS
db:NVDid:CVE-2020-6208
Trust: 3.1
db:ZDIid:ZDI-20-291
Trust: 2.3
db:JVNDBid:JVNDB-2020-002715
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-9460
Trust: 0.7
db:CNNVDid:CNNVD-202003-600
Trust: 0.6
sources:
            
            
            ZDI: ZDI-20-291 // 
            
            
            
            JVNDB: JVNDB-2020-002715 // 
            
            
            
            CNNVD: CNNVD-202003-600 // 
            
            
            
            NVD: CVE-2020-6208

REFERENCES
url:https://launchpad.support.sap.com/#/notes/2861301
Trust: 1.6
url:https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=540935305
Trust: 1.6
url:https://www.zerodayinitiative.com/advisories/zdi-20-291/
Trust: 1.6
url:https://nvd.nist.gov/vuln/detail/cve-2020-6208
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-6208
Trust: 0.8
url:https://launchpad.support.sap.com/
Trust: 0.7
url:https://vigilance.fr/vulnerability/sap-multiple-vulnerabilities-of-april-2020-32012
Trust: 0.6
sources:
            
            
            ZDI: ZDI-20-291 // 
            
            
            
            JVNDB: JVNDB-2020-002715 // 
            
            
            
            CNNVD: CNNVD-202003-600 // 
            
            
            
            NVD: CVE-2020-6208

CREDITS
kdot
Trust: 0.7
sources:
            
            
            ZDI: ZDI-20-291

SOURCES
db:ZDIid:ZDI-20-291
db:JVNDBid:JVNDB-2020-002715
db:CNNVDid:CNNVD-202003-600
db:NVDid:CVE-2020-6208

LAST UPDATE DATE
2024-11-23T22:55:15.277000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-20-291date:2020-03-12T00:00:00
db:JVNDBid:JVNDB-2020-002715date:2020-03-24T00:00:00
db:CNNVDid:CNNVD-202003-600date:2020-04-20T00:00:00
db:NVDid:CVE-2020-6208date:2024-11-21T05:35:18.147

SOURCES RELEASE DATE
db:ZDIid:ZDI-20-291date:2020-03-12T00:00:00
db:JVNDBid:JVNDB-2020-002715date:2020-03-24T00:00:00
db:CNNVDid:CNNVD-202003-600date:2020-03-10T00:00:00
db:NVDid:CVE-2020-6208date:2020-03-10T21:15:14.903