CVE-2020-6190

Name of the Vulnerable Software and Affected Versions SAP NetWeaver AS Java (Heap Dump Application) versions 7.30, 7.31, 7.40, 7.50

Description The issue allows attackers to gain valuable information about the system, including hostname, server node, and installation path, through certain vulnerable endpoints. This information could be misused, leading to information disclosure.

Recommendations For versions 7.30, 7.31, 7.40, 7.50, consider restricting access to the vulnerable endpoints in the Heap Dump Application to minimize the risk of exploitation. As a temporary workaround, avoid using the vulnerable Heap Dump Application until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.