CVE-2020-6307

CVSS 4.3 MEDIUMEPSS 0.7%

Automated Note Search Tool (update provided in SAP Basis 7.0, 7.01, 7.02, 7.31, 7.4, 7.5, 7.51, 7.52, 7.53 and 7.54) does not perform sufficient authorization checks leading to the reading of sensitive information.

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected products

SAP SE · Automated Note Search Tool (SAP Basis)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://launchpad.support.sap.com/#/notes/2863397 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=533671771