CVE-2020-6371

Summary

User enumeration vulnerability can be exploited to get a list of user accounts and personal user information can be exposed in SAP NetWeaver Application Server ABAP (POWL test application) versions - 710, 711, 730, 731, 740, 750, leading to Information Disclosure.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP NetWeaver Application Server ABAP (POWL test application)< 710affected
SAP SESAP NetWeaver Application Server ABAP (POWL test application)< 711affected
SAP SESAP NetWeaver Application Server ABAP (POWL test application)< 730affected
SAP SESAP NetWeaver Application Server ABAP (POWL test application)< 731affected
SAP SESAP NetWeaver Application Server ABAP (POWL test application)< 740affected
SAP SESAP NetWeaver Application Server ABAP (POWL test application)< 750affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References