SAP Commerce Cloud, versions- 1808,1811,1905,2005, allows an attacker to bypass existing authentication and permission checks via the '/medias' endpoint hence gaining access to Secure Media folders. This folder could contain sensitive files that results in disclosure of sensitive information and impact system configuration confidentiality.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published: 2020-11-10T16:10:56

Updated: 2024-08-04T16:03:22.462Z

Reserved: 2020-10-07T00:00:00

Link: CVE-2020-26809

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-11-10T17:15:13.437

Modified: 2024-11-21T05:20:19.500

Link: CVE-2020-26809

cve-icon Redhat

No data.