NuytsTech Security

CVE-2020-6249

by ·

The use of an admin backend report within SAP Master Data Governance, versions – S4CORE 101, S4FND 102, 103, 104, SAP_BS_FND 748; allows an attacker to execute crafted database queries, exposing the backend database, leading to SQL Injection.

Date published : 2020-05-12

https://launchpad.support.sap.com/#/notes/2908560

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=545396222

Tags: