TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2020-6267

MEDIUM
5.4

Beschreibung

Some sensitive cookies in SAP Disclosure Management, version 10.1, are missing HttpOnly flag, leading to sensitive cookie without Http Only flag.

CVE Details

CVSS v3.1 Bewertung5.4
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionREQUIRED
Veroffentlicht7/14/2020
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0

Betroffene Produkte

sap:disclosure_management

Schwachen (CWE)

CWE-1004CWE-732

Referenzen

https://launchpad.support.sap.com/#/notes/2758000(cna@sap.com)
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675(cna@sap.com)
https://launchpad.support.sap.com/#/notes/2758000(af854a3a-2127-422b-91ae-364da2661108)
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.