Published: 12/08/2020 Updated: 05/10/2022

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8

VMScore: 357

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Improper access control in SOA Configuration Trace component in SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 702, 730, 731, 740, 750, allows any authenticated user to enumerate all SAP users, leading to Information Disclosure.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sap abap platform 7.50
sap abap platform 7.40
sap abap platform 7.31
sap abap platform 700
sap abap platform 701
sap abap platform 702
sap abap platform 710
sap abap platform 711
sap abap platform 751
sap abap platform 753
sap abap platform 755
sap netweaver application server abap 700
sap netweaver application server abap 701
sap netweaver application server abap 702
sap netweaver application server abap 710
sap netweaver application server abap 711
sap netweaver application server abap 731
sap netweaver application server abap 740
sap netweaver application server abap 750
sap netweaver application server abap 751
sap netweaver application server abap 753
sap netweaver application server abap 755

NVD-CWE-noinfo https://launchpad.support.sap.com/#/notes/2944988 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552603345 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-6310

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect