CVE-2020-6280 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2020-6280

CWE

https://cwe.mitre.org/data/definitions/.html

SAP NetWeaver (ABAP Server) and ABAP Platform, versions 731, 740, 750, allows an attacker with admin privileges to access certain files which should otherwise be restricted, leading to Information Disclosure.

Affected Software

Name	Vendor	Start Version	End Version
Abap_platform	Sap	7.31 (including)	7.31 (including)
Abap_platform	Sap	7.40 (including)	7.40 (including)
Abap_platform	Sap	7.50 (including)	7.50 (including)
Netweaver_application_server_abap	Sap	731 (including)	731 (including)
Netweaver_application_server_abap	Sap	740 (including)	740 (including)
Netweaver_application_server_abap	Sap	750 (including)	750 (including)

References

https://launchpad.support.sap.com/#/notes/2927373
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675
https://launchpad.support.sap.com/#/notes/2927373
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675