CVE-2020-6181 vulnerability in SAP Products
Published on February 12, 2020

Under some circumstances the SAML SSO implementation in the SAP NetWeaver (SAP_BASIS versions 702, 730, 731, 740 and SAP ABAP Platform (SAP_BASIS versions 750, 751, 752, 753, 754), allows an attacker to include invalidated data in the HTTP response header sent to a Web user, leading to HTTP Response Splitting vulnerability.

NVD

Products Associated with CVE-2020-6181

stack.watch emails you whenever new vulnerabilities are published in SAP Abap Platform or SAP NetWeaver. Just hit a watch button to start following.

SAP Abap Platform

SAP NetWeaver

Affected Versions

SAP SE SAP NetWeaver (SAP Basis):

Version = 7.02 is affected.
Version = 7.30 is affected.
Version = 7.31 is affected.
Version = 7.40 is affected.

SAP SE SAP ABAP Platform (SAP Basis):

Version = 7.50 is affected.
Version = 7.51 is affected.
Version = 7.52 is affected.
Version = 7.53 is affected.
Version = 7.54 is affected.

Exploit Probability

EPSS

0.31%

Percentile

53.39%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-6181 vulnerability in SAP ProductsPublished on February 12, 2020

Products Associated with CVE-2020-6181

Affected Versions

Exploit Probability

CVE-2020-6181 vulnerability in SAP Products
Published on February 12, 2020