Vulnerabilities > CVE-2020-6280 - Unspecified vulnerability in SAP Abap Platform and Netweaver Application Server Abap

CVSS 2.7 - LOW

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

sap

NVD

Published: 2020-07-14

Updated: 2022-10-05

Summary

SAP NetWeaver (ABAP Server) and ABAP Platform, versions 731, 740, 750, allows an attacker with admin privileges to access certain files which should otherwise be restricted, leading to Information Disclosure.

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP Abap Platform 7.50 SAP Abap Platform 7.40 SAP Abap Platform 7.31 SAP Netweaver Application Server Abap 750 SAP Netweaver Application Server Abap 731 SAP Netweaver Application Server Abap 740	6

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675
https://launchpad.support.sap.com/#/notes/2927373