CVE-2020-26821
First published: Tue Nov 10 2020(Updated: )
SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the SVG Converter Service, this has an impact to the integrity and availability of the service.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP Solution Manager | =7.20 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2020-26821.
What is the severity of CVE-2020-26821?
The severity of CVE-2020-26821 is critical.
Which software versions are affected by CVE-2020-26821?
SAP Solution Manager (JAVA stack) version 7.20 is affected by CVE-2020-26821.
How can an attacker exploit CVE-2020-26821?
An unauthenticated attacker can compromise the system by exploiting the missing authorization checks in the SVG Converter Service of SAP Solution Manager (JAVA stack) version 7.20.
What is the impact of CVE-2020-26821?
CVE-2020-26821 has an impact on the integrity and availability of the service.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/references
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/sap
- canonical/sap solution manager
- version/sap solution manager/7.20