CRITICAL🇵🇱 Wersja polska

CVE-2020-26821

CVSS 10.0v3.1pub. 2020-11-10upd. 2024-11-21

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the SVG Converter Service, this has an impact to the integrity and availability of the service.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H
  • Sap Solution Manager

    APP
    Sap
    7.20
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2020-6207CRITICAL9.8⚠ KEVten sam produkt

SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check does not ...

CVE-2022-22544CRITICAL9.1ten sam produkt

Solution Manager (Diagnostics Root Cause Analysis Tools) - version 720, allows an administrator to execute cod...

CVE-2020-26837CRITICAL9.1ten sam produkt

SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, allows an authenticated user to upload a...

CVE-2020-26824CRITICAL10.0ten sam produkt

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system...

CVE-2020-26822CRITICAL10.0ten sam produkt

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system...