CVE-2020-26830 is a vulnerability in SAP Solution Manager
Published on December 9, 2020
SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, does not perform necessary authorization checks for an authenticated user. Due to inadequate access control, a network attacker authenticated as a regular user can use operations which should be restricted to administrators. These operations can be used to Change the User Experience Monitoring configuration, obtain details about the configured SAP Solution Manager agents, Deploy a malicious User Experience Monitoring script.
Products Associated with CVE-2020-26830
Want to know whenever a new CVE is published for SAP Solution Manager? stack.watch will email you.
Affected Versions
SAP SE SAP Solution Manager (User Experience Monitoring) Version < 7.20 is affected by CVE-2020-26830Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.