返回 CVE 浏览器

CVE-2020-6236

HIGH

7.2

CVSS Severity Score

EPSS Score0.1280%

EPSS Percentile37.29th

Published2020年4月14日

Last Modified2024年11月21日

Vulnerability Description

SAP Landscape Management, version 3.0, and SAP Adaptive Extensions, version 1.0, allows an attacker with admin_group privileges to change ownership and permissions (including S-user ID bit s-bit) of arbitrary files remotely. This results in the possibility to execute these files as root user from a non-root context, leading to Privilege Escalation.

Affected Platforms (CPE)

📦

Sap

Adaptive Extensions

= 1.0

📦

Sap

Landscape Management

= 3.0

References & Advisories

🔗 https://launchpad.support.sap.com/#/notes/2902456

🔗 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202

🔗 https://launchpad.support.sap.com/#/notes/2902456

🔗 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202

相关漏洞威胁

CVE-2026-506389.1

Metrics::Any::Adapter::DogStatsd versions before 0.04 for Perl does not protect against metric injections. The statsd protocol (a...

CVE-2017-122448.6

A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated...

CVE-2026-506378.2

Metrics::Any::Adapter::Statsd versions before 0.04 for Perl does not protect against metric injections. The statsd protocol (and ...

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.79 a...