CVE-2020-6232

Name of the Vulnerable Software and Affected Versions SAP Commerce versions 1811, 1905

Description The issue is related to missing authorization checks for anonymous users, which affects the confidentiality of secure media. This means that an unauthorized user may be able to access sensitive information without proper clearance.

Recommendations For SAP Commerce versions 1811 and 1905, consider implementing additional authorization checks to ensure that anonymous users cannot access secure media without proper clearance. As a temporary workaround, restrict access to secure media for anonymous users until a proper fix is applied.