Vulnerabilities > SAP > BW 4Hana > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-12-09 CVE-2020-26838 OS Command Injection vulnerability in SAP Business Warehouse and Bw/4Hana
SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any user interaction.
network
low complexity
sap CWE-78
critical
9.0