CVE-2020-26809 Information
Feb 14, 2021
cve
Description
SAP Commerce Cloud versions- 1808181119052005 allows an attacker to bypass existing authentication and permission checks via the ‘/medias’ endpoint hence gaining access to Secure Media folders. This folder could contain sensitive files that results in disclosure of sensitive information and impact system configuration confidentiality.
Reference
https://launchpad.support.sap.com//notes/2975189 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571
Share on: