6 matches found
CVE-2019-0330
The OS Command Plugin in the transaction GPAADMIN and the OSCommand Console of SAP Diagnostic Agent LM-Service, version 7.2, allow an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application...
The vulnerability of the SAP Diagnostic Agent lies in the lack of authentication for a critical function. Exploiting this vulnerability allows an attacker operating remotely to compromise confidentiality, integrity, and accessibility of data.
The vulnerability of the SAP Diagnostic Agent relates to the lack of authentication for a critical function. Exploiting this vulnerability allows an attacker operating remotely to compromise confidentiality, integrity, and accessibility...
The vulnerability of the OSCommand Console and the GPA_ADMIN transaction of the SAP Diagnostic Agent allows a perpetrator to execute arbitrary code.
The vulnerability of the OSCommand Console and the GPAADMIN transaction of the SAP Diagnostic Agent exists due to the failure to take measures to neutralize the special elements used in the operating system command. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2019-0330
The OS Command Plugin in the transaction GPAADMIN and the OSCommand Console of SAP Diagnostic Agent LM-Service, version 7.2, allow an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application...
Command injection
The OS Command Plugin in the transaction GPAADMIN and the OSCommand Console of SAP Diagnostic Agent LM-Service, version 7.2, allow an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application...
PT-2019-3771 · Sap · Sap Diagnostic Agent
Name of the Vulnerable Software and Affected Versions: SAP Diagnostic Agent version 7.2 Description: The issue exists due to the failure to neutralize special elements used in the operating system command. This allows a remote attacker to inject code that can be executed by the application,...