SAP Enable Now, before version 1908, does not invalidate session tokens in a timely manner. The Insufficient Session Expiration may allow attackers with local access, for instance, to still download the portables.
CPE | Name | Operator | Version |
---|---|---|---|
enable_now | lt | 1908 |