SAP Commerce Cloud, versions- 1808,1811,1905,2005, allows an attacker to bypass existing authentication and permission checks via the '/medias' endpoint hence gaining access to Secure Media folders. This folder could contain sensitive files that results in disclosure of sensitive information and impact system configuration confidentiality.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: sap
Published: 2020-11-10T16:10:56
Updated: 2024-08-04T16:03:22.462Z
Reserved: 2020-10-07T00:00:00
Link: CVE-2020-26809
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-11-10T17:15:13.437
Modified: 2024-11-21T05:20:19.500
Link: CVE-2020-26809
Redhat
No data.