CVE-2020-26816

🗓️ 09 Dec 2020 16:28:11Reported by sapType

SAP AS JAVA Key Storage Service vulnerability in versions 7.10-7.50 enables unauthorized access to client credentials

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2020-26816	9 Dec 202020:32	–	circl
CNNVD	SAP AS JAVA 安全漏洞	8 Dec 202000:00	–	cnnvd
CNVD	SAP Netweaver AS JAVA Information Disclosure Vulnerability (CNVD-2021-03706)	15 Dec 202000:00	–	cnvd
Cvelist	CVE-2020-26816	9 Dec 202016:28	–	cvelist
EUVD	EUVD-2020-19352	7 Oct 202500:30	–	euvd
NCSC	Vulnerabilities fixed in SAP products	8 Dec 202000:00	–	ncsc
NCSC	Vulnerabilities fixed in SAP products	12 Jan 202100:00	–	ncsc
NVD	CVE-2020-26816	9 Dec 202017:15	–	nvd
OSV	CVE-2020-26816	9 Dec 202017:15	–	osv
Prion	Information disclosure	9 Dec 202017:15	–	prion

NVD

Vulners

Node

sap netweaver_application_server_javaMatch7.10

sap netweaver_application_server_javaMatch7.11

sap netweaver_application_server_javaMatch7.20

sap netweaver_application_server_javaMatch7.30

sap netweaver_application_server_javaMatch7.31

sap netweaver_application_server_javaMatch7.40

sap netweaver_application_server_javaMatch7.50

[
  {
    "product": "SAP NetWeaver AS JAVA (Key Storage Service)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 7.10"
      },
      {
        "status": "affected",
        "version": "< 7.11"
      },
      {
        "status": "affected",
        "version": "< 7.20"
      },
      {
        "status": "affected",
        "version": "< 7.30"
      },
      {
        "status": "affected",
        "version": "< 7.31"
      },
      {
        "status": "affected",
        "version": "< 7.40"
      },
      {
        "status": "affected",
        "version": "< 7.50"
      }
    ]
  }
]

Source	Link
wiki	www.wiki.scn.sap.com/wiki/pages/viewpage.action
launchpad	www.launchpad.support.sap.com/

21 Nov 2024 05:20Current

5.2Medium risk

Vulners AI Score5.2

CVSS 22.7

CVSS 3.14.5

CVSS 35.4

EPSS0.0002

CWE-312