17 matches found
CVE-2022-41261
SAP Solution Manager Diagnostic Agent - version 7.20, allows an authenticated attacker on Windows system to access a file containing sensitive data which can be used to access a configuration file which contains credentials to access other system files. Successful exploitation can make the attack...
CVE-2019-0330
The OS Command Plugin in the transaction GPAADMIN and the OSCommand Console of SAP Diagnostic Agent LM-Service, version 7.2, allow an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application...
The vulnerability of the SAP Diagnostic Agent lies in the lack of authentication for a critical function. Exploiting this vulnerability allows an attacker operating remotely to compromise confidentiality, integrity, and accessibility of data.
The vulnerability of the SAP Diagnostic Agent relates to the lack of authentication for a critical function. Exploiting this vulnerability allows an attacker operating remotely to compromise confidentiality, integrity, and accessibility...
CVE-2022-41261
SAP Solution Manager Diagnostic Agent - version 7.20, allows an authenticated attacker on Windows system to access a file containing sensitive data which can be used to access a configuration file which contains credentials to access other system files. Successful exploitation can make the attack...
CVE-2022-41261
SAP Solution Manager Diagnostic Agent - version 7.20, allows an authenticated attacker on Windows system to access a file containing sensitive data which can be used to access a configuration file which contains credentials to access other system files. Successful exploitation can make the attack...
Improper access control
SAP Solution Manager Diagnostic Agent - version 7.20, allows an authenticated attacker on Windows system to access a file containing sensitive data which can be used to access a configuration file which contains credentials to access other system files. Successful exploitation can make the attack...
CVE-2022-41261
CVE-2022-41261 concerns SAP Solution Manager (Diagnostic Agent) 7.20. An authenticated attacker on Windows can access a file containing sensitive data, which can be used to reach a configuration file with credentials to access other system files. Successful exploitation may grant access to files ...
PT-2022-6135 · Sap +1 · Sap Solution Manager +1
Name of the Vulnerable Software and Affected Versions: SAP Solution Manager Diagnostic Agent version 7.20 Description: The issue allows an authenticated attacker on a Windows system to access a file containing sensitive data, which can be used to access a configuration file containing credentials...
SAP Solution Manager 安全漏洞
SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...
The vulnerability of the SAP Diagnostic Agent, related to the lack of protection for operational data, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the SAP Diagnostic Agent lies in the lack of protection for operational data. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to protected information through a specially crafted query...
The vulnerability of the OSCommand Console and the GPA_ADMIN transaction of the SAP Diagnostic Agent allows a perpetrator to execute arbitrary code.
The vulnerability of the OSCommand Console and the GPAADMIN transaction of the SAP Diagnostic Agent exists due to the failure to take measures to neutralize the special elements used in the operating system command. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2019-0330
The OS Command Plugin in the transaction GPAADMIN and the OSCommand Console of SAP Diagnostic Agent LM-Service, version 7.2, allow an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application...
CVE-2019-0330
The OS Command Plugin in the transaction GPAADMIN and the OSCommand Console of SAP Diagnostic Agent LM-Service, version 7.2, allow an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application...
Command injection
The OS Command Plugin in the transaction GPAADMIN and the OSCommand Console of SAP Diagnostic Agent LM-Service, version 7.2, allow an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application...
CVE-2019-0330
The CVE-2019-0330 issue affects SAP Diagnostics Agent (LM-Service) version 7.2, specifically the OS Command Plugin in GPA_ADMIN and the OSCommand Console. Root cause: insufficient input sanitization leading to OS command injection. Impact: attacker could inject commands and potentially control th...
CVE-2019-0330
The OS Command Plugin in the transaction GPAADMIN and the OSCommand Console of SAP Diagnostic Agent LM-Service, version 7.2, allow an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application...
PT-2019-3771 · Sap · Sap Diagnostic Agent
Name of the Vulnerable Software and Affected Versions: SAP Diagnostic Agent version 7.2 Description: The issue exists due to the failure to neutralize special elements used in the operating system command. This allows a remote attacker to inject code that can be executed by the application,...