CVE-2020-6264

SAP Commerce, versions - 6.7, 1808, 1811, 1905, may allow an attacker to access information under certain conditions which would otherwise be restricted, leading to Information Disclosure.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
sapCNA
8.6 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 54%
VendorProductVersion
sapcommerce
6.7
𝑥
= Vulnerable software versions
References
https://launchpad.support.sap.com/#/notes/2906366
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775
https://launchpad.support.sap.com/#/notes/2906366
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775