• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

NVD-CWE-noinfo

CVE-2020-6297

February 26, 2023 by

Under certain conditions the upgrade of SAP Data Hub 2.7 to SAP Data Intelligence, version – 3.0, allows an attacker to access confidential system configuration information, that should otherwise be restricted, leading to Information Disclosure.

CVE-2020-6299

February 26, 2023 by

SAP NetWeaver (ABAP Server) and ABAP Platform, versions – 740, 750, 751, 752, 753, 754, 755, allows a business user to access the list of users in the given system using value help, leading to Information Disclosure.

CVE-2020-6302

February 26, 2023 by

SAP Commerce versions 6.7, 1808, 1811, 1905, 2005 contains the jSession ID in the backoffice URL when the application is loaded initially. An attacker can get this session ID via shoulder surfing or man in the middle attack and subsequently get access to admin user accounts, leading to Session Fixation and complete compromise of the confidentiality, integrity and availability of the application.

CVE-2020-6310

February 26, 2023 by

Improper access control in SOA Configuration Trace component in SAP NetWeaver (ABAP Server) and ABAP Platform, versions – 702, 730, 731, 740, 750, allows any authenticated user to enumerate all SAP users, leading to Information Disclosure.

CVE-2020-6315

February 26, 2023 by

SAP 3D Visual Enterprise Viewer, version 9, allows an attacker to send certain manipulated file to the victim, which can lead to leakage of sensitive information when the victim loads the malicious file into the VE viewer, leading to Information Disclosure.

CVE-2020-6320

February 26, 2023 by

SAP Marketing (Servlet), version-130,140,150, allows an authenticated attacker to invoke certain functions that are restricted. Limited knowledge of payload is required for an attacker to exploit the vulnerability and perform tasks related to contact and interaction data which impacts Confidentiality and Integrity of data in the application.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 527
  • Go to page 528
  • Go to page 529
  • Go to page 530
  • Go to page 531
  • Interim pages omitted …
  • Go to page 2387
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE