6 matches found
CVE-2023-24523
An attacker authenticated as a non-admin user with local access to a server port assigned to the SAP Host Agent Start Service - versions 7.21, 7.22, can submit a crafted ConfigureOutsideDiscovery request with an operating system command which will be executed with administrator privileges. The OS...
PT-2023-19671 · Sap · Sap Host Agent
Name of the Vulnerable Software and Affected Versions: SAP Host Agent Start Service versions 7.21, 7.22 Description: An attacker authenticated as a non-admin user with local access to a server port assigned to the SAP Host Agent can submit a crafted ConfigureOutsideDiscovery request with an...
SAP Solution Manager Missing Authentication Check Vulnerability (CNVD-2020-62930)
SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...
CVE-2020-26822
SAP Solution Manager JAVA stack, version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Outside Discovery Configuration Service, this has an impact to the integrity and availability of the service...
Authorization
SAP Solution Manager JAVA stack, version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Outside Discovery Configuration Service, this has an impact to the integrity and availability of the service...
CVE-2020-26822
SAP Solution Manager JAVA stack, version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Outside Discovery Configuration Service, this has an impact to the integrity and availability of the service...