Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2020-26808

Published: Nov 10, 2020 | Modified: Jul 01, 2022
CVSS 3.x
7.2
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
6.5 MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2020-26808
CWEhttps://cwe.mitre.org/data/definitions/.html

SAP AS ABAP(DMIS), versions - 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 2011_1_731, 2011_1_752, 2020 and SAP S4 HANA(DMIS), versions - 101, 102, 103, 104, 105, allows an authenticated attacker to inject arbitrary code into function module leading to code injection that can be executed in the application which affects the confidentiality, availability and integrity of the application.

Affected Software

Name Vendor Start Version End Version
Sap_as_abap(dmis) Sap 2011_1_620 (including) 2011_1_620 (including)
Sap_as_abap(dmis) Sap 2011_1_640 (including) 2011_1_640 (including)
Sap_as_abap(dmis) Sap 2011_1_700 (including) 2011_1_700 (including)
Sap_as_abap(dmis) Sap 2011_1_710 (including) 2011_1_710 (including)
Sap_as_abap(dmis) Sap 2011_1_730 (including) 2011_1_730 (including)
Sap_as_abap(dmis) Sap 2011_1_731 (including) 2011_1_731 (including)
Sap_as_abap(dmis) Sap 2011_1_752 (including) 2011_1_752 (including)
Sap_as_abap(dmis) Sap 2020 (including) 2020 (including)
Sap_s4_hana(dmis) Sap 101 (including) 101 (including)
Sap_s4_hana(dmis) Sap 102 (including) 102 (including)
Sap_s4_hana(dmis) Sap 103 (including) 103 (including)
Sap_s4_hana(dmis) Sap 104 (including) 104 (including)
Sap_s4_hana(dmis) Sap 105 (including) 105 (including)

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use