← Retour aux CVEs
CVE-2020-26821
CRITICAL10.0
Description
SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the SVG Converter Service, this has an impact to the integrity and availability of the service.
Details CVE
Score CVSS v3.110.0
SeveriteCRITICAL
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie11/10/2020
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0
Produits affectes
sap:solution_manager
Faiblesses (CWE)
CWE-306
References
https://launchpad.support.sap.com/#/notes/2985866(cna@sap.com)
https://launchpad.support.sap.com/#/notes/2985866(af854a3a-2127-422b-91ae-364da2661108)
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.