Improper Access Control in SAP NetWeaver AS ABAP (Web Dynpro) Allows Unauthorized Access to Database Logfiles
CVE-2020-26819 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
SAP NetWeaver AS ABAP (Web Dynpro), versions - 731, 740, 750, 751, 752, 753, 754, 755, 782, allows an authenticated user to access Web Dynpro components, that allows them to read and delete database logfiles because of Improper Access Control.
Learn more about our Web App Pen Testing.