CVE-2020-6181
published 2020-02-12CVE-2020-6181: Under some circumstances the SAML SSO implementation in the SAP NetWeaver (SAP_BASIS versions 702, 730, 731, 740 and SAP ABAP Platform (SAP_BASIS versions 750…
medium5.8CVSS 3.1
AVNACLPRNUINSCCNILAN
Under some circumstances the SAML SSO implementation in the SAP NetWeaver (SAP_BASIS versions 702, 730, 731, 740 and SAP ABAP Platform (SAP_BASIS versions 750, 751, 752, 753, 754), allows an attacker to include invalidated data in the HTTP response header sent to a Web user, leading to HTTP Response Splitting vulnerability.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | abap_platform | — | — |
| sap | abap_platform | — | — |
| sap | abap_platform | — | — |
| sap | abap_platform | — | — |
| sap | abap_platform | — | — |
| sap | netweaver | — | — |
| sap | netweaver | — | — |
| sap | netweaver | — | — |
| sap | netweaver | — | — |
| sap_se | sap_abap_platform | — | — |
| sap_se | sap_abap_platform | — | — |
| sap_se | sap_abap_platform | — | — |
| sap_se | sap_abap_platform | — | — |
| sap_se | sap_abap_platform | — | — |
| sap_se | sap_netweaver | — | — |
| sap_se | sap_netweaver | — | — |
| sap_se | sap_netweaver | — | — |
| sap_se | sap_netweaver | — | — |