Lucene search

CVE-2020-6364

🗓️ 15 Oct 2020 02:12:15Reported by sapType

SAP Solution Manager and SAP Focused Run vulnerability allowing code injection via cookie modification

Reporter	Title	Published	Views	Family All 5
Cvelist	CVE-2020-6364	15 Oct 202001:55	–	cvelist
Prion	Code injection	15 Oct 202002:15	–	prion
AttackerKB	CVE-2020-6364 — OS Command Injection Vulnerability in CA Introscope Enterprise Manager (Affected Products: SAP Solution Manager and SAP Focused Run)	15 Oct 202000:00	–	attackerkb
CISA	SAP Releases October 2020 Security Updates	13 Oct 202000:00	–	cisa
NVD	CVE-2020-6364	15 Oct 202002:15	–	nvd

Nvd

Node

sap introscope_enterprise_managerMatch9.7

sap introscope_enterprise_managerMatch10.1

sap introscope_enterprise_managerMatch10.5

sap introscope_enterprise_managerMatch10.7

[
  {
    "product": "SAP Solution Manager (CA Introscope Enterprise Manager) and SAP Focused Run (CA Introscope Enterprise Manager)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< WILY_INTRO_ENTERPRISE 9.7"
      },
      {
        "status": "affected",
        "version": "< 10.1"
      },
      {
        "status": "affected",
        "version": "< 10.5"
      },
      {
        "status": "affected",
        "version": "< 10.7"
      }
    ]
  }
]

Source	Link
seclists	www.seclists.org/fulldisclosure/2021/Jun/28
packetstormsecurity	www.packetstormsecurity.com/files/163153/SAP-Wily-Introscope-Enterprise-OS-Command-Injection.html
wiki	www.wiki.scn.sap.com/wiki/pages/viewpage.action
launchpad	www.launchpad.support.sap.com/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

15 Oct 2020 02:15Current

9.5High risk

Vulners AI Score9.5

CVSS210

CVSS310

EPSS0.006

CWE-78