CVE-2020-6291
First published: Tue Jul 14 2020(Updated: )
SAP Disclosure Management, version 10.1, session mechanism does not have expiration data set therefore allows unlimited access after authenticating once, leading to Insufficient Session Expiration
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP Disclosure Management | =10.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for SAP Disclosure Management version 10.1?
The vulnerability ID for SAP Disclosure Management version 10.1 is CVE-2020-6291.
What is the title of the vulnerability for SAP Disclosure Management version 10.1?
The title of the vulnerability for SAP Disclosure Management version 10.1 is 'SAP Disclosure Management version 10.1 session mechanism does not have expiration data set therefore allows unlimited access after authenticating once, leading to Insufficient Session Expiration.'
What is the severity rating of CVE-2020-6291?
The severity rating of CVE-2020-6291 is high.
What is the affected software for CVE-2020-6291?
The affected software for CVE-2020-6291 is SAP Disclosure Management version 10.1.
How can I fix the vulnerability in SAP Disclosure Management version 10.1?
To fix the vulnerability in SAP Disclosure Management version 10.1, it is recommended to apply the necessary patches or updates provided by SAP.
- collector/nvd-index
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/tags
- agent/severity
- agent/event
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- vendor/sap
- canonical/sap disclosure management
- version/sap disclosure management/10.1