PT-2020-19094 · SAP · SAP Marketing

Published: 2020-09-09 · Updated: 2021-07-21 · CVE-2020-6320

CVSS v3.1: 9.6 (Critical)

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions: SAP Marketing (Servlet) versions 130 through 150

Description: The issue allows an authenticated attacker to invoke certain restricted functions, potentially impacting the confidentiality and integrity of data related to contact and interaction. An attacker with limited knowledge of the payload can exploit this to perform specific tasks.

Recommendations: For versions 130 through 150, consider restricting access to the affected functions until a fix is available. As a temporary workaround, limit the invocation of restricted functions to authorized personnel only.

Fix

Related Identifiers

CVE-2020-6320

Affected Products

SAP Marketing