Published: 14/07/2020 Updated: 12/10/2022

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.4 | Impact Score: 2.5 | Exploitability Score: 2.8

VMScore: 516

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Some sensitive cookies in SAP Disclosure Management, version 10.1, are missing HttpOnly flag, leading to sensitive cookie without Http Only flag.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sap disclosure management 10.1

Old-school security hole perfect for worms and remote hijackings found lurking in Windows Server DNS code

The Register • Shaun Nichols in San Francisco • 15 Jul 2020

You'll want to patch that – and all these other bugs fixed by Microsoft, Oracle, Adobe, VMware, SAP, Google So kind of SAP NetWeaver to hand out admin accounts to anyone who can reach it. You'll want to patch this

Mega Patch Tuesday Microsoft on Tuesday patched a wormable hole in its Windows Server software that can be exploited remotely to completely commandeer the machine without any authorization. It was one of hundreds of security bugs squashed today by Redmond along with Oracle, Adobe, VMware, SAP and Google. Microsoft emitted fixes for 123 vulnerabilities in this month's Patch Tuesday batch. Some 18 of those CVE-listed security flaws are considered critical, meaning remote code execution (RCE) is po...

CVE-2020-6267

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect