2 matches found
CVE-2023-24523
An attacker authenticated as a non-admin user with local access to a server port assigned to the SAP Host Agent Start Service - versions 7.21, 7.22, can submit a crafted ConfigureOutsideDiscovery request with an operating system command which will be executed with administrator privileges. The OS...
PT-2023-19671 · Sap · Sap Host Agent
Name of the Vulnerable Software and Affected Versions: SAP Host Agent Start Service versions 7.21, 7.22 Description: An attacker authenticated as a non-admin user with local access to a server port assigned to the SAP Host Agent can submit a crafted ConfigureOutsideDiscovery request with an...