CVE-2020-6260
First published: Wed Jun 10 2020(Updated: )
SAP Solution Manager (Trace Analysis), version 7.20, allows an attacker to inject superflous data that can be displayed by the application, due to Incomplete XML Validation. The application shows additional data that do not actually exist.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP Solution Manager | =7.20 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this SAP Solution Manager vulnerability?
The vulnerability ID for this SAP Solution Manager vulnerability is CVE-2020-6260.
What is the severity rating of CVE-2020-6260?
The severity rating of CVE-2020-6260 is 5.3 (medium).
What is the affected software for CVE-2020-6260?
The affected software for CVE-2020-6260 is SAP Solution Manager version 7.20.
How does CVE-2020-6260 affect the application?
CVE-2020-6260 allows an attacker to inject superfluous data that can be displayed by the SAP Solution Manager application.
Is there any reference material available for CVE-2020-6260?
Yes, you can refer to the following links for more information: [1] https://launchpad.support.sap.com/#/notes/2915126 and [2] https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775.
- collector/nvd-index
- vendor/sap
- canonical/sap solution manager
- version/sap solution manager/7.20