VYPR
Unrated severityNVD Advisory· Published Dec 9, 2020· Updated Aug 4, 2024

CVE-2020-26834

CVE-2020-26834

Description

SAP HANA Database, version - 2.0, does not correctly validate the username when performing SAML bearer token-based user authentication. It is possible to manipulate a valid existing SAML bearer token to authenticate as a user whose name is identical to the truncated username for whom the SAML bearer token was issued.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.