CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-26826

Process Integration Monitoring of SAP NetWeaver AS JAVA, versions - 7.31, 7.40, 7.50, allows an attacker to upload any file (including script files) without proper file format validation, leading to Unrestricted File Upload.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.6%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

https://launchpad.support.sap.com/#/notes/2974330
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079
https://launchpad.support.sap.com/#/notes/2974330
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079

Products affected by CVE-2020-26826

Sap » Netweaver Application Server Java » Version: 7.31

cpe:2.3:a:sap:netweaver_application_server_java:7.31
Sap » Netweaver Application Server Java » Version: 7.40

cpe:2.3:a:sap:netweaver_application_server_java:7.40
Sap » Netweaver Application Server Java » Version: 7.50

cpe:2.3:a:sap:netweaver_application_server_java:7.50

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-26826

Products

Pricing

Contact Us