Description
SAP Business Client, versions 6.5, 7.0, does not perform necessary integrity checks which could be exploited by an attacker under certain conditions to modify the installer.
Scores
CVSS v3
7.5
EPSS
0.0013
EPSS Percentile
32.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-354
Status
published
Products (3)
sap/business_client
6.0 (18 CPE variants)
sap/business_client
6.5 (20 CPE variants)
sap/business_client
7.0 (7 CPE variants)
Published
Apr 14, 2020
Tracked Since
Feb 18, 2026