SAP Enable Now, before version 1908, does not invalidate session tokens in a timely manner. The Insufficient Session Expiration may allow attackers with local access, for instance, to still download the portables.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap enable now |