CVE-2020-6292
published 2020-07-14CVE-2020-6292: Logout mechanism in SAP Disclosure Management, version 10.1, does not invalidate one of the session cookies, leading to Insufficient Session Expiration.
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
Logout mechanism in SAP Disclosure Management, version 10.1, does not invalidate one of the session cookies, leading to Insufficient Session Expiration.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | disclosure_management | — | — |
| sap_se | sap_disclosure_management | < 1.0 | 1.0 |