EUVD-2020-27337

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

SAP NetWeaver versions do not validate XML input, risking Denial of Service from compromised admin.

Reporter	Title	Published	Views	Family All 6
CNVD	SAP NetWeaver XML Processing Denial of Service Vulnerability	17 Feb 202000:00	–	cnvd
CVE	CVE-2020-6187	12 Feb 202019:45	–	cve
Cvelist	CVE-2020-6187	12 Feb 202019:45	–	cvelist
NVD	CVE-2020-6187	12 Feb 202020:15	–	nvd
Prion	Design/Logic Flaw	12 Feb 202020:15	–	prion
RedhatCVE	CVE-2020-6187	22 May 202517:30	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "6a81f3d5-bdfb-3dc6-8a5c-c526617305dd",
        "vendor": {
          "name": "SAP SE"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "0c5ffe53-eb12-31d1-95cb-125e34db4cb5",
        "product": {
          "name": "SAP NetWeaver (Guided Procedures)"
        },
        "product_version": "= 7.30"
      },
      {
        "id": "182647b9-aadc-3993-84fd-0e30fe781271",
        "product": {
          "name": "SAP NetWeaver (Guided Procedures)"
        },
        "product_version": "= 7.50"
      },
      {
        "id": "2530be22-409c-388b-958f-9e42638b5f1d",
        "product": {
          "name": "SAP NetWeaver (Guided Procedures)"
        },
        "product_version": "= 7.40"
      },
      {
        "id": "3e98fc3f-bcee-3533-b258-4e6c9e108774",
        "product": {
          "name": "SAP NetWeaver (Guided Procedures)"
        },
        "product_version": "= 7.10"
      },
      {
        "id": "3feb0201-10b3-3ef9-af51-768b94863540",
        "product": {
          "name": "SAP NetWeaver (Guided Procedures)"
        },
        "product_version": "= 7.11"
      },
      {
        "id": "61330c34-91f1-3603-bf20-8b2edd4619ea",
        "product": {
          "name": "SAP NetWeaver (Guided Procedures)"
        },
        "product_version": "= 7.31"
      },
      {
        "id": "d7d76f9b-9896-3aa1-8f6f-3b4a5a8b15b2",
        "product": {
          "name": "SAP NetWeaver (Guided Procedures)"
        },
        "product_version": "= 7.20"
      }
    ]
  }
]

Source	Link
wiki	www.wiki.scn.sap.com/wiki/pages/viewpage.action
launchpad	www.launchpad.support.sap.com/
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

5.2Medium risk

Vulners AI Score5.2

CVSS 34.9

CVSS 24

CVSS 3.14.9

EPSS0.00295