CVE-2020-6285

Published: Jul 14, 2020Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) (versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50), under certain conditions allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure.

Affected (7)

Products: Sap: Netweaver

Sap

1 product

Netweaver

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Sap Netweaver	Version 7.10
Sap Netweaver	Version 7.11
Sap Netweaver	Version 7.20
Sap Netweaver	Version 7.30
Sap Netweaver	Version 7.31
Sap Netweaver	Version 7.40
Sap Netweaver	Version 7.50

References (4)

https://launchpad.support.sap.com/#/notes/2932473

Source: cna@sap.com

Permissions RequiredVendor Advisory

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675

Source: cna@sap.com

Vendor Advisory

https://launchpad.support.sap.com/#/notes/2932473

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredVendor Advisory

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.