mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
75 lines
2.4 KiB
JSON
75 lines
2.4 KiB
JSON
{
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"data_version": "4.0",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2020-26824",
|
|
"ASSIGNER": "cna@sap.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "SAP SE",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "SAP Solution Manager (JAVA stack)",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_name": "<",
|
|
"version_value": "7.20"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Upgrade Legacy Ports Service, this has an impact to the integrity and availability of the service."
|
|
}
|
|
]
|
|
},
|
|
"impact": {
|
|
"cvss": {
|
|
"baseScore": "10",
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H",
|
|
"version": "3.0"
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Missing Authorization"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571",
|
|
"refsource": "MISC",
|
|
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571"
|
|
},
|
|
{
|
|
"url": "https://launchpad.support.sap.com/#/notes/2985866",
|
|
"refsource": "MISC",
|
|
"name": "https://launchpad.support.sap.com/#/notes/2985866"
|
|
}
|
|
]
|
|
}
|
|
} |