Unrated severityNVD Advisory· Published Nov 10, 2020· Updated Aug 4, 2024
CVE-2020-26809
CVE-2020-26809
Description
SAP Commerce Cloud, versions- 1808,1811,1905,2005, allows an attacker to bypass existing authentication and permission checks via the '/medias' endpoint hence gaining access to Secure Media folders. This folder could contain sensitive files that results in disclosure of sensitive information and impact system configuration confidentiality.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 1808, 1811, 1905, 2005
- SAP SE/SAP Commerce Cloudv5Range: < 1808
Patches
Vulnerability mechanics
References
4- packetstormsecurity.com/files/163146/SAP-Hybris-eCommerce-Information-Disclosure.htmlmitrex_refsource_MISC
- seclists.org/fulldisclosure/2021/Jun/27mitremailing-listx_refsource_FULLDISC
- launchpad.support.sap.commitrex_refsource_MISC
- wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.