Vulnerabilities > CVE-2020-6197 - Insufficient Session Expiration vulnerability in SAP Enable NOW 1902
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
SAP Enable Now, before version 1908, does not invalidate session tokens in a timely manner. The Insufficient Session Expiration may allow attackers with local access, for instance, to still download the portables.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |