Lucene search
PRIOn knowledge basePRION:CVE-2023-36921HistoryJul 11, 2023 - 3:15 a.m.
Cross site request forgery (csrf)
2023-07-1103:15:00
PRIOn knowledge base
www.prio-n.com
8
cross site request forgery
sap solution manager
diagnostics agent
version 7.20
attacker tampering
client request
poisoned content
exploitation impact
confidentiality
availability
application
SAP Solution Manager (Diagnostics agent) - version 7.20, allows an attacker to tamper with headers in a client request. This misleads SAP Diagnostics Agent to serve poisoned content to the server. On successful exploitation, the attacker can cause a limited impact on confidentiality and availability of the application.
| CPE | Name | Operator | Version |
|---|---|---|---|
| solution_manager | eq | 7.20 |
Related
cve
cve
CVE-2023-36921
2023-07-11 03:15:10
cvelist
cvelist
CVE-2023-36921 Header Injection in SAP Solution Manager (Diagnostic Agent)
2023-07-11 02:56:06
nvd
nvd
CVE-2023-36921
2023-07-11 03:15:10