CVE-2020-6250
First published: Tue May 12 2020(Updated: )
SAP Adaptive Server Enterprise, version 16.0, allows an authenticated attacker to exploit certain misconfigured endpoints exposed over the adjacent network, to read system administrator password leading to Information Disclosure. This could help the attacker to read/write any data and even stop the server like an administrator.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP Sybase Adaptive Server Enterprise | =16.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-6250?
CVE-2020-6250 has a medium severity rating due to the potential for information disclosure.
How do I fix CVE-2020-6250?
To fix CVE-2020-6250, ensure that the misconfigured endpoints are properly secured and restrict access as necessary.
What systems are affected by CVE-2020-6250?
CVE-2020-6250 specifically affects SAP Adaptive Server Enterprise version 16.0.
What kind of attack is possible with CVE-2020-6250?
CVE-2020-6250 allows an authenticated attacker to exploit misconfigured endpoints to read the system administrator password.
What can an attacker do if they exploit CVE-2020-6250?
An attacker can read or write any data and potentially stop critical services if they exploit CVE-2020-6250.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/sap
- canonical/sap sybase adaptive server enterprise
- version/sap sybase adaptive server enterprise/16.0