Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2020-6181

Under some circumstances the SAML SSO implementation in the SAP NetWeaver (SAP_BASIS versions 702, 730, 731, 740 and SAP ABAP Platform (SAP_BASIS versions 750, 751, 752, 753, 754), allows an attacker to include invalidated data in the HTTP response header sent to a Web user, leading to HTTP Response Splitting vulnerability.

  • Published: Feb 12, 2020
  • Updated: Apr 14, 2023
  • CVE: CVE-2020-6181
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.8
  • AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Software From Fixed in
sap / netweaver 7.30 7.30.x
sap / netweaver 7.31 7.31.x
sap / netweaver 7.02 7.02.x
sap / netweaver 7.40 7.40.x
sap / abap_platform 7.51 7.51.x
sap / abap_platform 7.52 7.52.x
sap / abap_platform 7.53 7.53.x
sap / abap_platform 7.54 7.54.x
sap / abap_platform 7.50 7.50.x