CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-6190

Certain vulnerable endpoints in SAP NetWeaver AS Java (Heap Dump Application), versions 7.30, 7.31, 7.40, 7.50, provide valuable information about the system like hostname, server node and installation path that could be misused by an attacker leading to Information Disclosure.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 54.4%

CVSS Severity

CVSS v3 Score 5.8

CVSS v2 Score 5.0

References

https://launchpad.support.sap.com/#/notes/2838835
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812
https://launchpad.support.sap.com/#/notes/2838835
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812

Products affected by CVE-2020-6190

Sap » Netweaver Application Server Java » Version: 7.30

cpe:2.3:a:sap:netweaver_application_server_java:7.30
Sap » Netweaver Application Server Java » Version: 7.31

cpe:2.3:a:sap:netweaver_application_server_java:7.31
Sap » Netweaver Application Server Java » Version: 7.40

cpe:2.3:a:sap:netweaver_application_server_java:7.40
Sap » Netweaver Application Server Java » Version: 7.50

cpe:2.3:a:sap:netweaver_application_server_java:7.50

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6190

Products

Pricing

Contact Us