CVE-2020-6291
published 2020-07-14CVE-2020-6291: SAP Disclosure Management, version 10.1, session mechanism does not have expiration data set therefore allows unlimited access after authenticating once…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
SAP Disclosure Management, version 10.1, session mechanism does not have expiration data set therefore allows unlimited access after authenticating once, leading to Insufficient Session Expiration
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | disclosure_management | — | — |
| sap_se | sap_disclosure_management | < 1.0 | 1.0 |