CVE-2020-6197

Summary

SAP Enable Now, before version 1908, does not invalidate session tokens in a timely manner. The Insufficient Session Expiration may allow attackers with local access, for instance, to still download the portables.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP Enable Now< before version 1908affected

Weaknesses

  • Insufficient Session Expiration

ADP Enrichment

CVE Program Container

Additional References

References