CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-6178

SAP Enable Now, before version 1911, sends the Session ID cookie value in URL. This might be stolen from the browser history or log files, leading to Information Disclosure.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 26.9%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 5.5

References

https://launchpad.support.sap.com/#/notes/2880664
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305
https://launchpad.support.sap.com/#/notes/2880664
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305

Products affected by CVE-2020-6178

Sap » Enable Now » Version: N/A

cpe:2.3:a:sap:enable_now:-
Sap » Enable Now » Version: 10

cpe:2.3:a:sap:enable_now:10
Sap » Enable Now » Version: 1902

cpe:2.3:a:sap:enable_now:1902
Sap » Enable Now » Version: 1908

cpe:2.3:a:sap:enable_now:1908

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6178

Products

Pricing

Contact Us