CVE-2020-26836

Name of the Vulnerable Software and Affected Versions SAP Solution Manager (Trace Analysis) version 720

Description The issue allows for misuse of a parameter in the application URL, leading to an Open Redirect vulnerability. An attacker can enter a link to a malicious site as a parameter in the application URL and share it with the end user, who could potentially become a victim of the attack. This could trick the user into entering credentials or downloading malicious software.

Recommendations For SAP Solution Manager (Trace Analysis) version 720, consider restricting access to the vulnerable parameter in the application URL to minimize the risk of exploitation. Avoid using the vulnerable parameter in the application URL until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.