CVE-2020-26822
First published: Tue Nov 10 2020(Updated: )
SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Outside Discovery Configuration Service, this has an impact to the integrity and availability of the service.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP Solution Manager | =7.20 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this SAP Solution Manager (JAVA stack) vulnerability?
The vulnerability ID for this SAP Solution Manager (JAVA stack) vulnerability is CVE-2020-26822.
What is the severity level of the SAP Solution Manager (JAVA stack) vulnerability?
The severity level of the SAP Solution Manager (JAVA stack) vulnerability is critical.
How can an unauthenticated attacker exploit this vulnerability?
An unauthenticated attacker can exploit this vulnerability by taking advantage of the missing authorization checks in the Outside Discovery Configuration Service.
What is the impact of this vulnerability?
This vulnerability has an impact on the integrity and availability of the system.
Is there a fix available for this vulnerability?
Yes, you can find the fix for this vulnerability by referring to the SAP Solution Manager notes or documentation provided in the references section.
- collector/nvd-index
- vendor/sap
- canonical/sap solution manager
- version/sap solution manager/7.20