CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-6197

SAP Enable Now, before version 1908, does not invalidate session tokens in a timely manner. The Insufficient Session Expiration may allow attackers with local access, for instance, to still download the portables.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.3%

CVSS Severity

CVSS v3 Score 3.8

CVSS v2 Score 2.1

References

https://launchpad.support.sap.com/#/notes/2845363
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305
https://launchpad.support.sap.com/#/notes/2845363
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305

Products affected by CVE-2020-6197

Sap » Enable Now » Version: N/A

cpe:2.3:a:sap:enable_now:-
Sap » Enable Now » Version: 10

cpe:2.3:a:sap:enable_now:10
Sap » Enable Now » Version: 1902

cpe:2.3:a:sap:enable_now:1902

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6197

Products

Pricing

Contact Us