CVE-2020-6267
published 2020-07-14CVE-2020-6267: Some sensitive cookies in SAP Disclosure Management, version 10.1, are missing HttpOnly flag, leading to sensitive cookie without Http Only flag.
medium5.4CVSS 3.1
AVNACLPRNUIRSUCLILAN
Some sensitive cookies in SAP Disclosure Management, version 10.1, are missing HttpOnly flag, leading to sensitive cookie without Http Only flag.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | disclosure_management | — | — |
| sap_se | sap_disclosure_management | < 10.1 | 10.1 |