CVE-2020-6265

Summary

SAP Commerce, versions - 6.7, 1808, 1811, 1905, and SAP Commerce (Data Hub), versions - 6.7, 1808, 1811, 1905, allows an attacker to bypass the authentication and/or authorization that has been configured by the system administrator due to the use of Hardcoded Credentials.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP Commerce< 6.7affected
SAP SESAP Commerce< 1808affected
SAP SESAP Commerce< 1811affected
SAP SESAP Commerce< 1905affected
SAP SESAP Commerce (Data Hub)< 6.7affected
SAP SESAP Commerce (Data Hub)< 1808affected
SAP SESAP Commerce (Data Hub)< 1811affected
SAP SESAP Commerce (Data Hub)< 1905affected

Weaknesses

  • CWE-798: CWE-798

ADP Enrichment

CVE Program Container

Additional References

References