Unrated severityNVD Advisory· Published Mar 10, 2020· Updated Aug 4, 2024
CVE-2020-6203
CVE-2020-6203
Description
SAP NetWeaver UDDI Server (Services Registry), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs, leading to Path Traversal.
Affected products
2- Range: 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50
- SAP SE/SAP NetWeaver UDDI Server (Services Registry)v5Range: < 7.10
Patches
Vulnerability mechanics
References
2- launchpad.support.sap.commitrex_refsource_MISC
- wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.