Description
SAP NetWeaver (ABAP Server) and ABAP Platform, versions 731, 740, 750, allows an attacker with admin privileges to access certain files which should otherwise be restricted, leading to Information Disclosure.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675
Permissions Required, Vendor Advisory x_refsource_misc
https://launchpad.support.sap.com/#/notes/2927373
Scores
CVSS v3
2.7
EPSS
0.0023
EPSS Percentile
45.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Details
Status
published
Products (6)
sap/abap_platform
7.31
sap/abap_platform
7.40
sap/abap_platform
7.50
sap/netweaver_application_server_abap
731
sap/netweaver_application_server_abap
740
sap/netweaver_application_server_abap
750
Published
Jul 14, 2020
Tracked Since
Feb 18, 2026