Published: 12/08/2020 Updated: 14/08/2020

CVSS v2 Base Score: 8.5 | Impact Score: 10 | Exploitability Score: 6.8

CVSS v3 Base Score: 9 | Impact Score: 6 | Exploitability Score: 2.3

VMScore: 756

Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C

SAP NetWeaver (Knowledge Management), versions - 7.30, 7.31, 7.40, 7.50, allows the automatic execution of script content in a stored file due to inadequate filtering with the accessing user's privileges. If the accessing user has administrative privileges, then the execution of the script content could result in complete compromise of system confidentiality, integrity and availability, leading to Stored Cross Site Scripting.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sap netweaver knowledge management 7.30
sap netweaver knowledge management 7.31
sap netweaver knowledge management 7.40
sap netweaver knowledge management 7.50

We spent way too long on this Microsoft, Intel, Adobe, SAP, Red Hat Patch Tuesday article. Just click on it, pretend to read it, apply updates

The Register • Shaun Nichols in San Francisco • 11 Aug 2020

Please, thanks, good show, cheers, ta

Patch Tuesday Patch Tuesday used to be Microsoft's day to release patches. Now Adobe, Intel, and SAP are routinely joining the fun – with special guest star Red Hat this month. If you've felt overwhelmed by the sheer number of security patches Microsoft has emitted this year, you are not alone. Patch watchers at the Zero Day Initiative said that, including the 120 product security bulletins posted this August, Microsoft is just 11 patches away from surpassing its 2019 full-year total with four...

CVE-2020-6284

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect