cbcvebase.
CVE-2020-6265
published 2020-06-09

CVE-2020-6265: SAP Commerce, versions - 6.7, 1808, 1811, 1905, and SAP Commerce (Data Hub), versions - 6.7, 1808, 1811, 1905, allows an attacker to bypass the authentication…

critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
SAP Commerce, versions - 6.7, 1808, 1811, 1905, and SAP Commerce (Data Hub), versions - 6.7, 1808, 1811, 1905, allows an attacker to bypass the authentication and/or authorization that has been configured by the system administrator due to the use of Hardcoded Credentials.

Affected

12 ranges
VendorProductVersion rangeFixed in
sapcommerce
sapcommerce
sapcommerce
sapcommerce
sapcommerce_data_hub
sapcommerce_data_hub
sapcommerce_data_hub
sapcommerce_data_hub
sap_sesap_commerce< 6.76.7
sap_sesap_commerce< 18081808
sap_sesap_commerce< 18111811
sap_sesap_commerce< 19051905