CVE-2020-26834 is a vulnerability in SAP Hana Database
Published on December 9, 2020
SAP HANA Database, version 2.0, does not correctly validate the username when performing SAML bearer token-based user authentication. It is possible to manipulate a valid existing SAML bearer token to authenticate as a user whose name is identical to the truncated username for whom the SAML bearer token was issued.
Products Associated with CVE-2020-26834
Affected Versions
SAP SE SAP HANA Database Version < 2.0 is affected by CVE-2020-26834
Exploit Probability
EPSS: 0.16%
Percentile: 36.89%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.