CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-26811

SAP Commerce Cloud (Accelerator Payment Mock), versions - 1808, 1811, 1905, 2005, allows an unauthenticated attacker to submit a crafted request over a network to a particular SAP Commerce module URL which will be processed without further interaction, the crafted request leads to Server Side Request Forgery attack which could lead to retrieval of limited pieces of information about the service with no impact on integrity or availability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.2%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

Products affected by CVE-2020-26811

Sap » Commerce Cloud (Accelerator Payment Mock) » Version: 1808

cpe:2.3:a:sap:commerce_cloud_(accelerator_payment_mock):1808
Sap » Commerce Cloud (Accelerator Payment Mock) » Version: 1811

cpe:2.3:a:sap:commerce_cloud_(accelerator_payment_mock):1811
Sap » Commerce Cloud (Accelerator Payment Mock) » Version: 1905

cpe:2.3:a:sap:commerce_cloud_(accelerator_payment_mock):1905
Sap » Commerce Cloud (Accelerator Payment Mock) » Version: 2005

cpe:2.3:a:sap:commerce_cloud_(accelerator_payment_mock):2005

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-26811

Products

Pricing

Contact Us