CVE-2020-26818
First published: Tue Nov 10 2020(Updated: )
SAP NetWeaver AS ABAP (Web Dynpro), versions - 731, 740, 750, 751, 752, 753, 754, 755, 782, allows an authenticated user to access Web Dynpro components, which reveals sensitive system information that would otherwise be restricted to highly privileged users because of missing authorization, resulting in Information Disclosure.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP NetWeaver Application Server for ABAP | =731 | |
| SAP NetWeaver Application Server for ABAP | =740 | |
| SAP NetWeaver Application Server for ABAP | =750 | |
| SAP NetWeaver Application Server for ABAP | =751 | |
| SAP NetWeaver Application Server for ABAP | =752 | |
| SAP NetWeaver Application Server for ABAP | =753 | |
| SAP NetWeaver Application Server for ABAP | =754 | |
| SAP NetWeaver Application Server for ABAP | =755 | |
| SAP NetWeaver Application Server for ABAP | =782 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/author
- agent/first-publish-date
- agent/event
- agent/description
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- agent/source
- vendor/sap
- canonical/sap netweaver application server for abap
- version/sap netweaver application server for abap/731
- version/sap netweaver application server for abap/740
- version/sap netweaver application server for abap/750
- version/sap netweaver application server for abap/751
- version/sap netweaver application server for abap/752
- version/sap netweaver application server for abap/753
- version/sap netweaver application server for abap/754
- version/sap netweaver application server for abap/755
- version/sap netweaver application server for abap/782