CVE-2020-6261: Input Validation
First published: Wed Jul 01 2020(Updated: )
SAP Solution Manager (Trace Analysis), version 7.20, allows an attacker to perform a log injection into the trace file, due to Incomplete XML Validation. The readability of the trace file is impaired.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP Solution Manager | =7.20 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2020-6261.
What is the severity level of CVE-2020-6261?
The severity level of CVE-2020-6261 is medium.
What is the affected software for CVE-2020-6261?
The affected software for CVE-2020-6261 is SAP Solution Manager version 7.20.
How does CVE-2020-6261 impact SAP Solution Manager?
CVE-2020-6261 allows an attacker to perform a log injection into the trace file, impairing the readability of the trace file.
Are there any references available for CVE-2020-6261?
Yes, you can find more information about CVE-2020-6261 at the following references: [Reference 1](https://launchpad.support.sap.com/#/notes/2915126) and [Reference 2](https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775).
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/event
- agent/tags
- vendor/sap
- canonical/sap solution manager
- version/sap solution manager/7.20