CVE-2020-6290
published 2020-07-14CVE-2020-6290: SAP Disclosure Management, version 10.1, is vulnerable to Session Fixation attacks wherein the attacker tricks the user into using a specific session ID.
medium6.3CVSS 3.1
AVNACLPRNUIRSUCLILAL
SAP Disclosure Management, version 10.1, is vulnerable to Session Fixation attacks wherein the attacker tricks the user into using a specific session ID.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | disclosure_management | — | — |
| sap_se | sap_disclosure_management | < 1.0 | 1.0 |