CVE-2020-6310
published 2020-08-12CVE-2020-6310: Improper access control in SOA Configuration Trace component in SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 702, 730, 731, 740, 750, allows any…
medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
Improper access control in SOA Configuration Trace component in SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 702, 730, 731, 740, 750, allows any authenticated user to enumerate all SAP users, leading to Information Disclosure.
Affected
27 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | abap_platform | — | — |
| sap | abap_platform | — | — |
| sap | abap_platform | — | — |
| sap | abap_platform | — | — |
| sap | abap_platform | — | — |
| sap | abap_platform | — | — |
| sap | abap_platform | — | — |
| sap | abap_platform | — | — |
| sap | abap_platform | — | — |
| sap | abap_platform | — | — |
| sap | abap_platform | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap_se | sap_netweaver_and_abap_platform | < 702 | 702 |
| sap_se | sap_netweaver_and_abap_platform | < 730 | 730 |
| sap_se | sap_netweaver_and_abap_platform | < 731 | 731 |