CVE

CVE-2020-26834

admin

CVE-2020-26834

SAP HANA Database, version – 2.0, does not correctly validate the username when performing SAML bearer token-based user authentication. It is possible to manipulate a valid existing SAML bearer token to authenticate as a user whose name is identical to the truncated username for whom the SAML bearer token was issued.

Source: CVE-2020-26834

Exit mobile version