Podatność CVE-2020-26809
Publikacja: 2020-11-10

Opis:
SAP Commerce Cloud, versions- 1808,1811,1905,2005, allows an attacker to bypass existing authentication and permission checks via the '/medias' endpoint hence gaining access to Secure Media folders. This folder could contain sensitive files that results in disclosure of sensitive information and impact system configuration confidentiality.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:
Tytuł
Autor
Data
Med.
SAP Hybris eCommerce Information Disclosure
Gaston Traberg
15.06.2021

Typ:

CWE-200

 (Information Exposure)

 Referencje:
https://launchpad.support.sap.com/#/notes/2975189
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571
Copyright 2024, cxsecurity.com

 

Back to Top