Log Injection Vulnerability in SAP Solution Manager by SAP
CVE-2020-6261
5.3MEDIUM
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 1 July 2020
What is CVE-2020-6261?
A log injection vulnerability exists in SAP Solution Manager (Trace Analysis) version 7.20, enabling attackers to inject malicious content into trace files. This is due to incomplete XML validation, compromising the integrity and readability of the trace files. Attackers could exploit this flaw to manipulate log data, which may hinder effective analysis and troubleshooting efforts.
Affected Version(s)
SAP Solution Manager (Trace Analysis) < 7.20