CVE-2020-26809 is a vulnerability in SAP Commerce Cloud
Published on November 10, 2020

SAP Commerce Cloud, versions- 1808,1811,1905,2005, allows an attacker to bypass existing authentication and permission checks via the '/medias' endpoint hence gaining access to Secure Media folders. This folder could contain sensitive files that results in disclosure of sensitive information and impact system configuration confidentiality.

NVD

Products Associated with CVE-2020-26809

Want to know whenever a new CVE is published for SAP Commerce Cloud? stack.watch will email you.

SAP Commerce Cloud

Affected Versions

SAP SE SAP Commerce Cloud:

Version < 1808 is affected.
Version < 1811 is affected.
Version < 1905 is affected.
Version < 2005 is affected.

Exploit Probability

EPSS

0.26%

Percentile

49.28%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-26809 is a vulnerability in SAP Commerce CloudPublished on November 10, 2020

Products Associated with CVE-2020-26809

Affected Versions

Exploit Probability

CVE-2020-26809 is a vulnerability in SAP Commerce Cloud
Published on November 10, 2020