CVE-2020-26822
10
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H
Summary
SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Outside Discovery Configuration Service, this has an impact to the integrity and availability of the service.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP SE | SAP Solution Manager (JAVA stack) | < 7.20 | affected |
Weaknesses
- Missing Authorization
ADP Enrichment
CVE Program Container
Additional References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571
- https://launchpad.support.sap.com/#/notes/2985866
References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571
- https://launchpad.support.sap.com/#/notes/2985866
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.