How severe is CVE-2020-6292?

CVE-2020-6292 has a CVSS v3 score of 8.8 (HIGH).

CVE-2020-6292

Name: disclosure_management
Author: sap

8.8HIGH

Logout mechanism in SAP Disclosure Management, version 10.1, does not invalidate one of the session cookies, leading to Insufficient Session Expiration.

Published: 7/14/2020Updated: 11/21/2024

Description

Logout mechanism in SAP Disclosure Management, version 10.1, does not invalidate one of the session cookies, leading to Insufficient Session Expiration.

AI AnalysisPowered by AI

Affected Products

sapdisclosure_management

10.1

References

https://launchpad.support.sap.com/#/notes/2758000
Permissions RequiredVendor Advisory
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675
Vendor Advisory
https://launchpad.support.sap.com/#/notes/2758000
Permissions RequiredVendor Advisory
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675
Vendor Advisory