CVE-2020-26837

Summary

SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, allows an authenticated user to upload a malicious script that can exploit an existing path traversal vulnerability to compromise confidentiality exposing elements of the file system, partially compromise integrity allowing the modification of some configurations and partially compromise availability by making certain services unavailable.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP Solution Manager (User Experience Monitoring)< 7.20affected

Weaknesses

  • Path Traversal

ADP Enrichment

CVE Program Container

Additional References

References