CyberSec.Space Logo
Back to CVE Browser

CVE-2020-26821

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1510%
EPSS Percentile27.13th
PublishedNov 10, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the SVG Converter Service, this has an impact to the integrity and availability of the service.

Affected Platforms (CPE)

πŸ“¦
Sap

Solution Manager

= 7.20

References & Advisories

πŸ”— https://launchpad.support.sap.com/#/notes/2985866
πŸ”— https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571
πŸ”— https://launchpad.support.sap.com/#/notes/2985866
πŸ”— https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571

Related Vulnerabilities

CVE-2020-2682210.0

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing ...

CVE-2020-2682310.0

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing ...

CVE-2020-636410.0

SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an attacker to m...

CVE-2020-2682410.0

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing ...