Published in: sap note

CVE-2020-26807 Incorrect Default Permissions in SAP ERP Client for E-Bilanz 1.0, SAP security note 2971112

Author RedRays Team

Published on: November 10, 2020

Description

On installation of SAP ERP Client for E-Bilanz 1.0, Incorrect default filesystem permissions are set in its installation folder which allows anyone to modify the files in the folder.

Available fix and Supported packages

EBILANZ | 100 | 100
E-BILANZ CLIENT 1.0 | SP003 | 000012

Affected component

CVSS

Score: 4.4
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/2971112

CVE-2020-26807 Incorrect Default Permissions in SAP ERP Client for E-Bilanz 1.0, SAP security note 2971112

Description

Available fix and Supported packages

Affected component

CVSS

Exploit

URL

TAGS

#Access-rights
#Access-control
#ACL
#Filesystem-permissions
#&160-CVE-2020-26807

Description

Available fix and Supported packages

Affected component

CVSS

Exploit

URL

TAGS

#Access-rights#Access-control#ACL#Filesystem-permissions#&160-CVE-2020-26807

You may also like

#Access-rights
#Access-control
#ACL
#Filesystem-permissions
#&160-CVE-2020-26807