EUVD-2020-19355

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

SAP NetWeaver AS ABAP permits improper access allowing authenticated users to read and delete logfiles.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2020-26819	10 Nov 202020:27	–	circl
CNVD	SAP NetWeaver AS ABAP Authorization Issues Vulnerability	16 Nov 202000:00	–	cnvd
CVE	CVE-2020-26819	10 Nov 202016:13	–	cve
Cvelist	CVE-2020-26819	10 Nov 202016:13	–	cvelist
NCSC	Vulnerabilities fixed in SAP products	10 Nov 202000:00	–	ncsc
NVD	CVE-2020-26819	10 Nov 202017:15	–	nvd
Prion	Improper access control	10 Nov 202017:15	–	prion
Positive Technologies	PT-2020-16504 · Sap · Sap Netweaver As Abap	10 Nov 202000:00	–	ptsecurity
RedhatCVE	CVE-2020-26819	22 May 202516:34	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "3b202ebc-f20b-3719-bffd-6f543dd5a1ef",
        "vendor": {
          "name": "SAP SE"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "1ab899c1-568f-3f62-9aba-bfaf015ff53d",
        "product": {
          "name": "SAP NetWeaver AS ABAP (Web Dynpro)"
        },
        "product_version": "< 740"
      },
      {
        "id": "38f43996-48ef-3cd0-a15c-52c2b0c3837e",
        "product": {
          "name": "SAP NetWeaver AS ABAP (Web Dynpro)"
        },
        "product_version": "< 755"
      },
      {
        "id": "55ac3cd9-ace1-38b4-ac75-d11179875be9",
        "product": {
          "name": "SAP NetWeaver AS ABAP (Web Dynpro)"
        },
        "product_version": "< 753"
      },
      {
        "id": "57554359-a570-3354-874f-5b36678702df",
        "product": {
          "name": "SAP NetWeaver AS ABAP (Web Dynpro)"
        },
        "product_version": "< 754"
      },
      {
        "id": "6d5bfed6-4ff7-3ac2-921d-ee33bc08f6be",
        "product": {
          "name": "SAP NetWeaver AS ABAP (Web Dynpro)"
        },
        "product_version": "< 782"
      },
      {
        "id": "b6d230a4-c800-321a-9ae5-b2735ea13909",
        "product": {
          "name": "SAP NetWeaver AS ABAP (Web Dynpro)"
        },
        "product_version": "< 750"
      },
      {
        "id": "d2673049-0dd0-396e-a24c-f7a5c4acac44",
        "product": {
          "name": "SAP NetWeaver AS ABAP (Web Dynpro)"
        },
        "product_version": "< 751"
      },
      {
        "id": "e6694d38-603b-37ee-81e4-d0a0af244b64",
        "product": {
          "name": "SAP NetWeaver AS ABAP (Web Dynpro)"
        },
        "product_version": "< 731"
      },
      {
        "id": "e76af8da-b921-3a58-95df-d2454e4bdd72",
        "product": {
          "name": "SAP NetWeaver AS ABAP (Web Dynpro)"
        },
        "product_version": "< 752"
      }
    ]
  }
]

Source	Link
wiki	www.wiki.scn.sap.com/wiki/pages/viewpage.action
launchpad	www.launchpad.support.sap.com/
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6Medium risk

Vulners AI Score6

CVSS 35.4

CVSS 26.5

CVSS 3.18.8

EPSS0.00383