{"containers":{"cna":{"affected":[{"product":"SAP Solution Manager (JAVA stack)","vendor":"SAP SE","versions":[{"status":"affected","version":"< 7.20"}]}],"descriptions":[{"lang":"en","value":"SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Upgrade Diagnostics Agent Connection Service, this has an impact to the integrity and availability of the service."}],"metrics":[{"cvssV3_0":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":10,"baseSeverity":"CRITICAL","confidentialityImpact":"NONE","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H","version":"3.0"}}],"problemTypes":[{"descriptions":[{"description":"Missing Authorization","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2020-11-10T16:17:49.000Z","orgId":"e4686d1a-f260-4930-ac4c-2f5c992778dd","shortName":"sap"},"references":[{"tags":["x_refsource_MISC"],"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571"},{"tags":["x_refsource_MISC"],"url":"https://launchpad.support.sap.com/#/notes/2985866"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cna@sap.com","ID":"CVE-2020-26823","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"SAP Solution Manager (JAVA stack)","version":{"version_data":[{"version_name":"<","version_value":"7.20"}]}}]},"vendor_name":"SAP SE"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Upgrade Diagnostics Agent Connection Service, this has an impact to the integrity and availability of the service."}]},"impact":{"cvss":{"baseScore":"10","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H","version":"3.0"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Missing Authorization"}]}]},"references":{"reference_data":[{"name":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571","refsource":"MISC","url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571"},{"name":"https://launchpad.support.sap.com/#/notes/2985866","refsource":"MISC","url":"https://launchpad.support.sap.com/#/notes/2985866"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T16:03:22.605Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://launchpad.support.sap.com/#/notes/2985866"}]}]},"cveMetadata":{"assignerOrgId":"e4686d1a-f260-4930-ac4c-2f5c992778dd","assignerShortName":"sap","cveId":"CVE-2020-26823","datePublished":"2020-11-10T16:17:49.000Z","dateReserved":"2020-10-07T00:00:00.000Z","dateUpdated":"2024-08-04T16:03:22.605Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}