Certain vulnerable endpoints in SAP NetWeaver AS Java (Heap Dump Application), versions 7.30, 7.31, 7.40, 7.50, provide valuable information about the system like hostname, server node and installation path that could be misused by an attacker leading to Information Disclosure.
References
Link | Resource |
---|---|
https://launchpad.support.sap.com/#/notes/2838835 | Permissions Required Vendor Advisory |
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: sap
Published: 2020-02-12T19:46:01
Updated: 2020-02-12T19:46:01
Reserved: 2020-01-08T00:00:00
Link: CVE-2020-6190
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-02-12T20:15:14.620
Modified: 2020-02-19T18:06:25.890
Link: CVE-2020-6190
JSON object: View
Redhat Information
No data.
CWE