EUVD-2020-19352

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

SAP AS Java Key Storage Service lacks encryption for keys, risking confidentiality of client data.

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2020-26816	9 Dec 202020:32	–	circl
CNNVD	SAP AS JAVA 安全漏洞	8 Dec 202000:00	–	cnnvd
CNVD	SAP Netweaver AS JAVA Information Disclosure Vulnerability (CNVD-2021-03706)	15 Dec 202000:00	–	cnvd
CVE	CVE-2020-26816	9 Dec 202016:28	–	cve
Cvelist	CVE-2020-26816	9 Dec 202016:28	–	cvelist
NCSC	Vulnerabilities fixed in SAP products	8 Dec 202000:00	–	ncsc
NCSC	Vulnerabilities fixed in SAP products	12 Jan 202100:00	–	ncsc
NVD	CVE-2020-26816	9 Dec 202017:15	–	nvd
OSV	CVE-2020-26816	9 Dec 202017:15	–	osv
Prion	Information disclosure	9 Dec 202017:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "278cc373-4a2c-3b22-902f-fc6a8d1aa2bd",
        "vendor": {
          "name": "SAP SE"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "2fb42971-997b-3baf-b56d-12b904b92a83",
        "product": {
          "name": "SAP NetWeaver AS JAVA (Key Storage Service)"
        },
        "product_version": "< 7.40"
      },
      {
        "id": "559a80b9-3c12-31d8-8be3-99a10e38bd5e",
        "product": {
          "name": "SAP NetWeaver AS JAVA (Key Storage Service)"
        },
        "product_version": "< 7.11"
      },
      {
        "id": "80766918-dfb4-3b31-a691-6c8e22342138",
        "product": {
          "name": "SAP NetWeaver AS JAVA (Key Storage Service)"
        },
        "product_version": "< 7.20"
      },
      {
        "id": "86ad4929-fe3b-313e-a87c-638533b01e2f",
        "product": {
          "name": "SAP NetWeaver AS JAVA (Key Storage Service)"
        },
        "product_version": "< 7.50"
      },
      {
        "id": "8c102fde-fd61-3db8-9d75-733e9b27f085",
        "product": {
          "name": "SAP NetWeaver AS JAVA (Key Storage Service)"
        },
        "product_version": "< 7.30"
      },
      {
        "id": "9a3d2a02-d966-3b19-8d84-5d3a6878fb3a",
        "product": {
          "name": "SAP NetWeaver AS JAVA (Key Storage Service)"
        },
        "product_version": "< 7.31"
      },
      {
        "id": "a2c20c1c-7a02-336a-b61f-7e9fb4a9ea07",
        "product": {
          "name": "SAP NetWeaver AS JAVA (Key Storage Service)"
        },
        "product_version": "< 7.10"
      }
    ]
  }
]

Source	Link
launchpad	www.launchpad.support.sap.com/
wiki	www.wiki.scn.sap.com/wiki/pages/viewpage.action
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.3Medium risk

Vulners AI Score6.3

CVSS 35.4

CVSS 22.7

CVSS 3.14.5

EPSS0.0002