CVE-2020-6292
First published: Tue Jul 14 2020(Updated: )
Logout mechanism in SAP Disclosure Management, version 10.1, does not invalidate one of the session cookies, leading to Insufficient Session Expiration.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP Disclosure Management | =10.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2020-6292.
What is the severity of CVE-2020-6292?
CVE-2020-6292 has a severity rating of 8.8 (high).
What is the affected software for CVE-2020-6292?
The affected software for CVE-2020-6292 is SAP Disclosure Management version 10.1.
What is the description of CVE-2020-6292?
CVE-2020-6292 is a vulnerability in the logout mechanism of SAP Disclosure Management version 10.1, which does not invalidate one of the session cookies, leading to Insufficient Session Expiration.
How can I fix CVE-2020-6292?
To fix CVE-2020-6292, it is recommended to apply the necessary patches and updates provided by SAP.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/event
- agent/severity
- agent/author
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/sap
- canonical/sap disclosure management
- version/sap disclosure management/10.1