Code Injection Vulnerability in SAP AS ABAP and SAP S4 HANA
CVE-2020-26808
9.1CRITICAL
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 10 November 2020
What is CVE-2020-26808?
An authenticated attacker can exploit a code injection vulnerability in SAP AS ABAP and SAP S4 HANA by injecting arbitrary code into a function module. This flaw could lead to unauthorized code execution within the application, compromising its confidentiality, availability, and integrity. System administrators should prioritize patching affected versions to mitigate potential risks associated with this vulnerability.
Affected Version(s)
SAP AS ABAP(DMIS) < 2011_1_620 < 2011_1_620
SAP AS ABAP(DMIS) < 2011_1_640 < 2011_1_640
SAP AS ABAP(DMIS) < 2011_1_700 < 2011_1_700