CyberSec.Space Logo
Back to CVE Browser

CVE-2020-6236

HIGH
7.2
CVSS Severity Score
EPSS Score0.1280%
EPSS Percentile37.29th
PublishedApr 14, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

SAP Landscape Management, version 3.0, and SAP Adaptive Extensions, version 1.0, allows an attacker with admin_group privileges to change ownership and permissions (including S-user ID bit s-bit) of arbitrary files remotely. This results in the possibility to execute these files as root user from a non-root context, leading to Privilege Escalation.

Affected Platforms (CPE)

πŸ“¦
Sap

Adaptive Extensions

= 1.0
πŸ“¦
Sap

Landscape Management

= 3.0

References & Advisories

πŸ”— https://launchpad.support.sap.com/#/notes/2902456
πŸ”— https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202
πŸ”— https://launchpad.support.sap.com/#/notes/2902456
πŸ”— https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202

Related Vulnerabilities

CVE-2026-506389.1

Metrics::Any::Adapter::DogStatsd versions before 0.04 for Perl does not protect against metric injections. The statsd protocol (a...

CVE-2017-122448.6

A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated...

CVE-2026-506378.2

Metrics::Any::Adapter::Statsd versions before 0.04 for Perl does not protect against metric injections. The statsd protocol (and ...

CVE-2026-53724

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.79 a...