CVE-2020-26832 vulnerability in SAP Products
Published on December 9, 2020
SAP AS ABAP (SAP Landscape Transformation), versions - 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 2011_1_731, 2011_1_752, 2020 and SAP S4 HANA (SAP Landscape Transformation), versions - 101, 102, 103, 104, 105, allows a high privileged user to execute a RFC function module to which access should be restricted, however due to missing authorization an attacker can get access to some sensitive internal information of vulnerable SAP system or to make vulnerable SAP systems completely unavailable.
Products Associated with CVE-2020-26832
Want to know whenever a new CVE is published for SAP products? stack.watch will email you.
Affected Versions
SAP SE SAP NetWeaver AS ABAP (SAP Landscape Transformation):- Version < 2011_1_620 is affected.
- Version < 2011_1_640 is affected.
- Version < 2011_1_700 is affected.
- Version < 2011_1_710 is affected.
- Version < 2011_1_730 is affected.
- Version < 2011_1_731 is affected.
- Version < 2011_1_752 is affected.
- Version < 2020 is affected.
- Version < 101 is affected.
- Version < 102 is affected.
- Version < 103 is affected.
- Version < 104 is affected.
- Version < 105 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.