CVE-2020-6291

Publication date

2020-07-14 12:30:14

Family

sap

State

PUBLISHED

Description

SAP Disclosure Management, version 10.1, session mechanism does not have expiration data set therefore allows unlimited access after authenticating once, leading to Insufficient Session Expiration