| |
Vulnerability CVE-2020-26824
Published: 2020-11-10
Description: |
SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Upgrade Legacy Ports Service, this has an impact to the integrity and availability of the service. |
Type:
CWE-862 (Missing Authorization)
CVSS2 => (AV:N/AC:L/Au:N/C:N/I:P/A:P)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
6.4/10 |
4.9/10 |
10/10 |
Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
None |
Partial |
Partial |
References: |
https://launchpad.support.sap.com/#/notes/2985866
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571
|
|
|
closedb();
?>
Copyright 2024, cxsecurity.com
|
|
|