CVE-2020-6280

Published: Jul 14, 2020Modified: Nov 21, 2024

2.7

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Exploitability: 1.2 / Impact: 1.4

Source: NVD

Description

SAP NetWeaver (ABAP Server) and ABAP Platform, versions 731, 740, 750, allows an attacker with admin privileges to access certain files which should otherwise be restricted, leading to Information Disclosure.

Affected (6)

Products: Sap: Abap Platform, Netweaver Application Server Abap

Sap

2 products

Abap Platform

Netweaver Application Server Abap

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Sap Abap Platform	Version 7.31
Sap Abap Platform	Version 7.40
Sap Abap Platform	Version 7.50
Sap Netweaver Application Server Abap	Version 731
Sap Netweaver Application Server Abap	Version 740
Sap Netweaver Application Server Abap	Version 750

References (4)

https://launchpad.support.sap.com/#/notes/2927373

Source: cna@sap.com

Permissions RequiredVendor Advisory

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675

Source: cna@sap.com

Vendor Advisory

https://launchpad.support.sap.com/#/notes/2927373

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredVendor Advisory

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.