CVE-2020-6291

Summary

SAP Disclosure Management, version 10.1, session mechanism does not have expiration data set therefore allows unlimited access after authenticating once, leading to Insufficient Session Expiration

Affected Software

VendorProductVersion RangeStatus
SAP SESAP Disclosure Management< 1.0affected

Weaknesses

  • Insufficient Session Expiration

ADP Enrichment

CVE Program Container

Additional References

References