CVE-2020-6190

medium

Description

Certain vulnerable endpoints in SAP NetWeaver AS Java (Heap Dump Application), versions 7.30, 7.31, 7.40, 7.50, provide valuable information about the system like hostname, server node and installation path that could be misused by an attacker leading to Information Disclosure.

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812

https://launchpad.support.sap.com/#/notes/2838835

Details

Source: Mitre, NVD

Published: 2020-02-12

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00172