File Modification Vulnerability in SAP ERP Client for E-Bilanz by SAP
CVE-2020-26807
4.4MEDIUM
Summary
The SAP ERP Client for E-Bilanz version 1.0 contains a security flaw due to incorrect default filesystem permissions in its installation folder. This misconfiguration permits unauthorized users to access and modify critical files within the installation directory, potentially leading to system integrity issues and unauthorized alterations. Organizations using this software should review their installation settings to mitigate risks associated with this vulnerability.
Affected Version(s)
SAP ERP Client for E-Bilanz 1.0 < 1.0
References
CVSS V3.1
Score:
4.4
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved