CVE-2020-26814

Name of the Vulnerable Software and Affected Versions SAP Process Integration (PGP Module - Business-to-Business Add On) version 1.0

Description The issue allows an attacker to read PGP Keys under certain conditions in the PGP Module of Business-to-Business Add-On. These keys can then be used to read messages processed by the module, leading to Information Disclosure.

Recommendations For SAP Process Integration (PGP Module - Business-to-Business Add On) version 1.0, consider restricting access to the PGP Module to minimize the risk of exploitation until a patch is available. As a temporary workaround, disabling the PGP Module or limiting its use can help prevent information disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.