CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2020-26836 – SAP Solution Manager 7.2 (ST 720) Open Redirection
https://notcve.org/view.php?id=CVE-2020-26836
09 Dec 2020 — SAP Solution Manager (Trace Analysis), version - 720, allows for misuse of a parameter in the application URL leading to Open Redirect vulnerability, an attacker can enter a link to malicious site which could trick the user to enter credentials or download malicious software, as a parameter in the application URL and share it with the end user who could potentially become a victim of the attack. SAP Solution Manager (Trace Analysis), versión 720, permite el uso inapropiado de un parámetro en la URL la aplic... • https://packetstorm.news/files/id/163136 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-26837 – SAP Solution Manager 7.2 File Disclosure / Denial of Service
https://notcve.org/view.php?id=CVE-2020-26837
09 Dec 2020 — SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, allows an authenticated user to upload a malicious script that can exploit an existing path traversal vulnerability to compromise confidentiality exposing elements of the file system, partially compromise integrity allowing the modification of some configurations and partially compromise availability by making certain services unavailable. SAP Solution Manager versión 7.2 (User Experience Monitoring), versión - 7.2, permite a un usuario a... • http://packetstormsecurity.com/files/163160/SAP-Solution-Manager-7.2-File-Disclosure-Denial-Of-Service.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.1EPSS: 0%CPEs: 14EXPL: 0CVE-2020-26838
https://notcve.org/view.php?id=CVE-2020-26838
09 Dec 2020 — SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any user interaction. It is possible to craft a request which will result in the execution of Operating System commands leading to Code Injection vulnerability which could completely compromise the confidentiality, integrity and availabili... • https://launchpad.support.sap.com/#/notes/2983367 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.6EPSS: 0%CPEs: 13EXPL: 3CVE-2020-26832 – SAP Application Server ABAP / ABAP Platform Code Injection / SQL Injection / Missing Authorization
https://notcve.org/view.php?id=CVE-2020-26832
09 Dec 2020 — SAP AS ABAP (SAP Landscape Transformation), versions - 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 2011_1_731, 2011_1_752, 2020 and SAP S4 HANA (SAP Landscape Transformation), versions - 101, 102, 103, 104, 105, allows a high privileged user to execute a RFC function module to which access should be restricted, however due to missing authorization an attacker can get access to some sensitive internal information of vulnerable SAP system or to make vulnerable SAP systems completely unavailabl... • https://packetstorm.news/files/id/167229 • CWE-862: Missing Authorization •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2020-26835
https://notcve.org/view.php?id=CVE-2020-26835
09 Dec 2020 — SAP NetWeaver AS ABAP, versions - 740, 750, 751, 752, 753, 754 , does not sufficiently encode URL which allows an attacker to input malicious java script in the URL which could be executed in the browser resulting in Reflected Cross-Site Scripting (XSS) vulnerability. SAP NetWeaver AS ABAP, versiones - 740, 750, 751, 752, 753, 754, no codifica suficientemente la URL, lo que permite a un atacante ingresar un script java malicioso en la URL que podría ser ejecutado en el navegador, resultando en una vulnerabi... • https://launchpad.support.sap.com/#/notes/2996479 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-26834
https://notcve.org/view.php?id=CVE-2020-26834
09 Dec 2020 — SAP HANA Database, version - 2.0, does not correctly validate the username when performing SAML bearer token-based user authentication. It is possible to manipulate a valid existing SAML bearer token to authenticate as a user whose name is identical to the truncated username for whom the SAML bearer token was issued. SAP HANA Database, versión 2.0, no comprueba correctamente el nombre de usuario cuando lleva a cabo la autenticación de usuario basada en token de portador SAML. Es posible manipular un token d... • https://launchpad.support.sap.com/#/notes/2978768 • CWE-287: Improper Authentication •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-26826
https://notcve.org/view.php?id=CVE-2020-26826
09 Dec 2020 — Process Integration Monitoring of SAP NetWeaver AS JAVA, versions - 7.31, 7.40, 7.50, allows an attacker to upload any file (including script files) without proper file format validation, leading to Unrestricted File Upload. Process Integration Monitoring de SAP NetWeaver AS JAVA, versiones 7.31, 7.40, 7.50, permite a un atacante cargar cualquier archivo (incluyendo los archivos de script) sin la comprobación apropiada del formato de archivo, conllevando a una Carga de Archivos Sin Restricciones • https://launchpad.support.sap.com/#/notes/2974330 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-26828
https://notcve.org/view.php?id=CVE-2020-26828
09 Dec 2020 — SAP Disclosure Management, version - 10.1, provides capabilities for authorized users to upload and download content of specific file type. In some file types it is possible to enter formulas which can call external applications or execute scripts. The execution of a payload (script) on target machine could be used to steal and modify the data available in the spreadsheet SAP Disclosure Management, versión 10.1, proporciona capacidades para que usuarios autorizados carguen y descarguen contenido de un tipo ... • https://launchpad.support.sap.com/#/notes/2971180 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.6EPSS: 0%CPEs: 3EXPL: 0CVE-2020-26831
https://notcve.org/view.php?id=CVE-2020-26831
09 Dec 2020 — SAP BusinessObjects BI Platform (Crystal Report), versions - 4.1, 4.2, 4.3, does not sufficiently validate uploaded XML entities during crystal report generation due to missing XML validation, An attacker with basic privileges can inject some arbitrary XML entities leading to internal file disclosure, internal directories disclosure, Server-Side Request Forgery (SSRF) and denial-of-service (DoS). SAP BusinessObjects BI Platform (Crystal Report), versiones - 4.1, 4.2, 4.3, no comprueba suficientemente las en... • https://launchpad.support.sap.com/#/notes/2989075 •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-26830 – SAP Solution Manager 7.2 Missing Authorization
https://notcve.org/view.php?id=CVE-2020-26830
09 Dec 2020 — SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, does not perform necessary authorization checks for an authenticated user. Due to inadequate access control, a network attacker authenticated as a regular user can use operations which should be restricted to administrators. These operations can be used to Change the User Experience Monitoring configuration, obtain details about the configured SAP Solution Manager agents, Deploy a malicious User Experience Monitoring script. SAP Solution ... • http://packetstormsecurity.com/files/163161/SAP-Solution-Manager-7.2-Missing-Authorization.html • CWE-862: Missing Authorization •