CyberSec.Space Logo
CVEブラウザに戻る

CVE-2020-26821

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1510%
EPSS Percentile27.13th
Published2020年11月10日
Last Modified2024年11月21日

Vulnerability Description

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the SVG Converter Service, this has an impact to the integrity and availability of the service.

Affected Platforms (CPE)

📦
Sap

Solution Manager

= 7.20

References & Advisories

🔗 https://launchpad.support.sap.com/#/notes/2985866
🔗 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571
🔗 https://launchpad.support.sap.com/#/notes/2985866
🔗 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571

関連する脆弱性情報

CVE-2020-2682210.0

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing ...

CVE-2020-2682310.0

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing ...

CVE-2020-636410.0

SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an attacker to m...

CVE-2020-2682410.0

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing ...