CVE-2020-6289: CSRF
First published: Tue Jul 14 2020(Updated: )
SAP Disclosure Management, version 10.1, had insufficient protection against Cross-Site Request Forgery, which could be used to trick user in to browsing malicious site.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP Disclosure Management | =10.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this SAP Disclosure Management vulnerability?
The vulnerability ID for this SAP Disclosure Management vulnerability is CVE-2020-6289.
What is the severity of CVE-2020-6289?
The severity of CVE-2020-6289 is high with a score of 8.8.
How does CVE-2020-6289 affect SAP Disclosure Management?
CVE-2020-6289 affects SAP Disclosure Management version 10.1 by introducing insufficient protection against Cross-Site Request Forgery.
How can Cross-Site Request Forgery be exploited in CVE-2020-6289?
Cross-Site Request Forgery in CVE-2020-6289 can be exploited to trick users into browsing malicious sites.
How do I fix the CVE-2020-6289 vulnerability?
To fix the CVE-2020-6289 vulnerability, it is recommended to apply the necessary patches or updates provided by SAP.
- collector/nvd-index
- agent/severity
- agent/author
- agent/references
- agent/description
- agent/event
- agent/weakness
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/sap
- canonical/sap disclosure management
- version/sap disclosure management/10.1