CVE-2020-26810

7.5 HIGH (CVSS v3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

📋 TL;DR

This vulnerability allows an unauthenticated attacker to send specially crafted requests to the Accelerator Payment Mock module of SAP Commerce Cloud and crash the server, making the service unavailable (denial of service). It affects SAP Commerce Cloud versions 1808, 1811, 1905, and 2005. There is no impact on data confidentiality or integrity; the 7.5 score comes entirely from the availability impact.

💻 Affected Systems

Products:
  • SAP Commerce Cloud (Accelerator Payment Mock)
Versions: 1808, 1811, 1905, 2005
Operating Systems: Not OS-specific
Default Config Vulnerable: ⚠️ Yes
Notes: The advisory names only the Accelerator Payment Mock module; no other module is listed as affected.

📦 What is this software?

SAP Commerce Cloud (formerly SAP Hybris Commerce) is SAP's e-commerce platform. The Accelerator is its reference storefront, and the Payment Mock is a component of the accelerator extensions that simulates a payment service provider so checkout flows can be exercised without a live payment gateway. It is meant for development and test use and normally has no role on a production storefront connected to a real payment provider, which is why disabling it or fencing it off is a viable workaround.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete unavailability of SAP Commerce Cloud service, disrupting business operations until service is restored.

🟠

Likely Case

Service disruption affecting e-commerce transactions and business processes that rely on the Commerce platform.

🟢

If Mitigated

Minimal impact if the SAP correction is applied or if the module is disabled or reachable only from trusted networks.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires network access to the vulnerable module URL but no authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch: apply the correction described in SAP Security Note 2975170

Vendor Advisory: https://launchpad.support.sap.com/#/notes/2975170

Restart Required: Yes

Instructions:

1. Review SAP Security Note 2975170 and apply the correction it describes to every affected environment.
2. Restart the SAP Commerce Cloud services.
3. Verify that the correction is in place.

🔧 Temporary Workarounds

Network Access Restriction

Applies to: all affected versions

Restrict network access to the Accelerator Payment Mock module URL to trusted sources only (for example, at the reverse proxy or WAF in front of the storefront). Because the module exists for development and test, there is rarely a reason for it to be reachable from the internet at all.

Module Disablement

Applies to: all affected versions

Disable the Accelerator Payment Mock module if not required for business operations.

🧯 If You Can't Patch

  • Implement strict network segmentation and firewall rules so that the vulnerable endpoint is reachable only from trusted sources.
  • Deploy web application firewall (WAF) rules for the vulnerable URL. Since the details of the crafted request are not public, block the whole module path for untrusted sources rather than trying to match a request signature.

🔍 How to Verify

Check if Vulnerable:

An installation is vulnerable if it runs SAP Commerce Cloud 1808, 1811, 1905, or 2005 without the correction from SAP Security Note 2975170 and the Accelerator Payment Mock module is deployed and reachable.

Check Version:

Check SAP Commerce Cloud version through administration console or system properties.

Verify Fix Applied:

Verify that the correction from SAP Security Note 2975170 is applied (per the note's own instructions) and, if the module is still deployed, confirm that the module URL is not reachable from untrusted networks. Since no public proof of concept exists, there is no crafted request to replay; do not rely on a negative load test as proof of the fix.

📡 Detection & Monitoring

Log Indicators:

  • Unusually high volume of requests to the Accelerator Payment Mock module URL, especially from a single source
  • Service restart or crash logs shortly after such requests; note that a request that crashes the server may never be logged with a status code, so look for gaps and restarts as well as 5xx responses

Network Indicators:

  • Multiple crafted requests to the vulnerable endpoint from single or multiple sources

SIEM Query:

(destination_port:443 OR destination_port:80) AND url_path:"/acceleratorservices/payment/mock" AND (status_code:5* OR NOT status_code:*) | group by source_ip

Confirm the module path against the controller mappings of the deployed accelerator before using the query, and group by source address so that a burst from one client stands out. Filtering on status 500 alone misses requests that were never answered because the server had already gone down.
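The detection logic described in this section, run over a few constructed access-log lines, as an added example (not code from the page or from SAP). It assumes Combined Log Format access logs; the module path is taken from the SIEM query above and must be confirmed against the deployed accelerator; the request threshold, window and sample addresses are arbitrary choices made here for illustration. It flags a source that bursts requests at the module path within a sliding window and counts answers that were 5xx or missing entirely, which is the signature of a server that stopped responding.

```python
"""Detection sketch for CVE-2020-26810 traffic patterns (added example).

Assumptions, none of which come from the advisory:
- Combined Log Format access logs, one request per line.
- MOCK_PATH is the module path from the page's SIEM query; confirm it locally.
- THRESHOLD/WINDOW are illustrative tuning values.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

MOCK_PATH = "/acceleratorservices/payment/mock"   # from the page's query; verify
WINDOW = timedelta(seconds=60)                    # sliding window (assumed)
THRESHOLD = 20                                    # requests per IP per window (assumed)

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}|-) (?P<size>\S+)'
)


def parse_line(line):
    """Parse one Combined Log Format line; return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    status = m.group("status")
    return {
        "ip": m.group("ip"),
        "ts": datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z"),
        "path": m.group("path").split("?", 1)[0],   # drop query string
        "status": None if status == "-" else int(status),   # "-" = no reply logged
    }


def find_suspicious(lines, path=MOCK_PATH, window=WINDOW, threshold=THRESHOLD):
    """Return {ip: {"total", "burst", "errors"}} for every IP that hit `path`.

    burst  - True if >= threshold requests fell inside any window of length `window`
    errors - count of 5xx responses plus requests with no status (server down)
    """
    per_ip = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec and rec["path"] == path:
            per_ip[rec["ip"]].append(rec)

    findings = {}
    for ip, recs in per_ip.items():
        recs.sort(key=lambda r: r["ts"])
        burst, start = False, 0
        for end in range(len(recs)):                 # two-pointer sliding window
            while recs[end]["ts"] - recs[start]["ts"] > window:
                start += 1
            if end - start + 1 >= threshold:
                burst = True
                break
        errors = sum(1 for r in recs if r["status"] is None or r["status"] >= 500)
        findings[ip] = {"total": len(recs), "burst": burst, "errors": errors}
    return findings


def format_line(ip, ts, method, path, status):
    """Build a Combined Log Format line (used only to construct sample data)."""
    st = "-" if status is None else str(status)
    return f'{ip} - - [{ts.strftime("%d/%b/%Y:%H:%M:%S %z")}] "{method} {path} HTTP/1.1" {st} 0'


def constructed_sample():
    """Constructed log lines: one benign client plus one client hammering the mock path.
    The last five requests of the burst carry no status, modelling a server that went down."""
    base = datetime(2020, 11, 10, 12, 0, 0, tzinfo=timezone.utc)
    lines = [
        format_line("198.51.100.4", base, "GET", "/", 200),
        format_line("198.51.100.4", base + timedelta(seconds=5), "GET", MOCK_PATH, 200),
    ]
    for i in range(25):                               # 25 POSTs in 48 seconds
        status = 500 if i < 20 else None
        lines.append(format_line("203.0.113.7", base + timedelta(seconds=2 * i),
                                 "POST", MOCK_PATH, status))
    return lines


if __name__ == "__main__":
    for ip, f in sorted(find_suspicious(constructed_sample()).items()):
        flag = "ALERT" if f["burst"] or f["errors"] else "ok"
        print(f"{ip:16} total={f['total']:3} errors={f['errors']:3} burst={f['burst']}  {flag}")
```

In practice feed `find_suspicious` the access log of the reverse proxy in front of the storefront rather than the application server's own log, because the proxy still records the requests that arrived after the application stopped answering.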

🔗 References

  • SAP Security Note 2975170: https://launchpad.support.sap.com/#/notes/2975170
  • NVD entry: https://nvd.nist.gov/vuln/detail/CVE-2020-26810