Home

CVE-2020-6265

Description

SAP Commerce, versions - 6.7, 1808, 1811, 1905, and SAP Commerce (Data Hub), versions - 6.7, 1808, 1811, 1905, allows an attacker to bypass the authentication and/or authorization that has been configured by the system administrator due to the use of Hardcoded Credentials.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.598

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in SAP Commerce 1808Windows
Multiple Vulnerabilities are affected in SAP Commerce 1811Windows
Multiple Vulnerabilities are affected in SAP Commerce 1905Windows
Vulnerabilities CVE-2020-6264,CVE-2020-6265,CVE-2020-6302 are affected in SAP Commerce 6.7Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234