Information Disclosure Vulnerability in SAP NetWeaver AS Java by SAP
CVE-2020-6224
4.5MEDIUM
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 14 April 2020
What is CVE-2020-6224?
The vulnerability in SAP NetWeaver AS Java allows an attacker with administrative access to confidential information. When users log in and transmit their credentials, sensitive data like passwords may be exposed in trace files. This raises significant security concerns, as it enables unauthorized entities to access personal information without proper authorization.
Affected Version(s)
SAP NetWeaver AS Java (HTTP Service) < 7.10 < 7.10
SAP NetWeaver AS Java (HTTP Service) < 7.11 < 7.11
SAP NetWeaver AS Java (HTTP Service) < 7.20 < 7.20