Lucene search
K

367 matches found

Cvelist
Cvelist
added 2023/12/12 1:35 a.m.24 views

CVE-2023-49587 Command Injection vulnerability in SAP Solution Manager

SAP Solution Manager - version 720, allows an authorized attacker to execute certain deprecated function modules which can read or modify data of same or other component without user interaction over the network...

6.4CVSS6.7AI score0.00408EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/12/12 1:35 a.m.8 views

CVE-2023-49587 Command Injection vulnerability in SAP Solution Manager

SAP Solution Manager - version 720, allows an authorized attacker to execute certain deprecated function modules which can read or modify data of same or other component without user interaction over the network...

6.4CVSS7AI score0.00408EPSS
Exploits0References2
CVE
CVE
added 2023/12/12 1:35 a.m.42 views

CVE-2023-49587

CVE-2023-49587 affects SAP Solution Manager 720. The vulnerability allows an authorized attacker to execute certain deprecated function modules, enabling reading or modification of data across the same or other components over the network, with no user interaction. Root cause cited in multiple so...

6.4CVSS6.5AI score0.00408EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/03 12:0 a.m.6 views

The vulnerability of the SAP Solution Manager (Diagnostics agent) platform, related to the lack of mechanisms for encoding or blocking output data, allows for the execution of XSS attacks.

The vulnerability of the SAP Solution Manager Diagnostics agent platform is related to the lack of mechanisms for encoding or blocking output data. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

7.2CVSS7AI score0.00548EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/03 12:0 a.m.6 views

The vulnerability of the SAP Solution Manager (Diagnostics agent) platform, related to insufficient validation of incoming requests, allows a perpetrator to disclose protected information or cause service failures.

The vulnerability of the SAP Solution Manager Diagnostics agent platform lies in insufficient validation of incoming requests. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information or cause service failures by sending specially crafted HTTP requests...

7.2CVSS7AI score0.00536EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2023/07/14 12:0 a.m.21 views

SAP Solution Manager Code Issue Vulnerability

SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...

7.2CVSS7.5AI score0.00536EPSS
Exploits0References1
NVD
NVD
added 2023/07/11 3:15 a.m.19 views

CVE-2023-36921

SAP Solution Manager Diagnostics agent - version 7.20, allows an attacker to tamper with headers in a client request. This misleads SAP Diagnostics Agent to serve poisoned content to the server. On successful exploitation, the attacker can cause a limited impact on confidentiality and availabilit...

7.2CVSS6.9AI score0.00548EPSS
Exploits0References2
NVD
NVD
added 2023/07/11 3:15 a.m.15 views

CVE-2023-36925

SAP Solution Manager Diagnostics agent - version 7.20, allows an unauthenticated attacker to blindly execute HTTP requests. On successful exploitation, the attacker can cause a limited impact on confidentiality and availability of the application and other applications the Diagnostics Agent can...

7.2CVSS7.1AI score0.00536EPSS
Exploits0References2
OSV
OSV
added 2023/07/11 3:15 a.m.6 views

CVE-2023-36921

SAP Solution Manager Diagnostics agent - version 7.20, allows an attacker to tamper with headers in a client request. This misleads SAP Diagnostics Agent to serve poisoned content to the server. On successful exploitation, the attacker can cause a limited impact on confidentiality and availabilit...

7.2CVSS5.8AI score0.00548EPSS
Exploits0References2
OSV
OSV
added 2023/07/11 3:15 a.m.6 views

CVE-2023-36925

SAP Solution Manager Diagnostics agent - version 7.20, allows an unauthenticated attacker to blindly execute HTTP requests. On successful exploitation, the attacker can cause a limited impact on confidentiality and availability of the application and other applications the Diagnostics Agent can...

7.2CVSS5.8AI score0.00536EPSS
Exploits0References2
Prion
Prion
added 2023/07/11 3:15 a.m.30 views

Cross site request forgery (csrf)

SAP Solution Manager Diagnostics agent - version 7.20, allows an attacker to tamper with headers in a client request. This misleads SAP Diagnostics Agent to serve poisoned content to the server. On successful exploitation, the attacker can cause a limited impact on confidentiality and availabilit...

6.4CVSS6.8AI score0.00548EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/07/11 3:15 a.m.21 views

Design/Logic Flaw

SAP Solution Manager Diagnostics agent - version 7.20, allows an unauthenticated attacker to blindly execute HTTP requests. On successful exploitation, the attacker can cause a limited impact on confidentiality and availability of the application and other applications the Diagnostics Agent can...

6.4CVSS7AI score0.00536EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/11 2:57 a.m.10 views

CVE-2023-36925 Unauthenticated blind SSRF in SAP Solution Manager (Diagnostics agent)

SAP Solution Manager Diagnostics agent - version 7.20, allows an unauthenticated attacker to blindly execute HTTP requests. On successful exploitation, the attacker can cause a limited impact on confidentiality and availability of the application and other applications the Diagnostics Agent can...

7.2CVSS7.3AI score0.00536EPSS
Exploits0References2
CVE
CVE
added 2023/07/11 2:57 a.m.57 views

CVE-2023-36925

The CVE-2023-36925 issue affects SAP Solution Manager (Diagnostics agent) v7.20, where insufficient validation of incoming requests allows an unauthenticated attacker to blindly make HTTP requests. This SSRF-style flaw can lead to a limited impact on confidentiality and availability of the SAP So...

7.2CVSS7.1AI score0.00536EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/07/11 2:57 a.m.18 views

CVE-2023-36925 Unauthenticated blind SSRF in SAP Solution Manager (Diagnostics agent)

SAP Solution Manager Diagnostics agent - version 7.20, allows an unauthenticated attacker to blindly execute HTTP requests. On successful exploitation, the attacker can cause a limited impact on confidentiality and availability of the application and other applications the Diagnostics Agent can...

7.2CVSS7.3AI score0.00536EPSS
Exploits0References2
CVE
CVE
added 2023/07/11 2:56 a.m.52 views

CVE-2023-36921

CVE-2023-36921 relates to SAP Solution Manager (Diagnostics agent) v7.20, where an attacker can tamper with headers in a client request, causing the SAP Diagnostics Agent to serve poisoned content to the server. The underlying impact is limited: confidentiality and availability are affected to a ...

7.2CVSS6.9AI score0.00548EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/07/11 2:56 a.m.28 views

CVE-2023-36921 Header Injection in SAP Solution Manager (Diagnostic Agent)

SAP Solution Manager Diagnostics agent - version 7.20, allows an attacker to tamper with headers in a client request. This misleads SAP Diagnostics Agent to serve poisoned content to the server. On successful exploitation, the attacker can cause a limited impact on confidentiality and availabilit...

7.2CVSS7.1AI score0.00548EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/07/11 2:56 a.m.8 views

CVE-2023-36921 Header Injection in SAP Solution Manager (Diagnostic Agent)

SAP Solution Manager Diagnostics agent - version 7.20, allows an attacker to tamper with headers in a client request. This misleads SAP Diagnostics Agent to serve poisoned content to the server. On successful exploitation, the attacker can cause a limited impact on confidentiality and availabilit...

7.2CVSS7AI score0.00548EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/07/11 12:0 a.m.4 views

SAP Solution Manager 代码问题漏洞

SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...

7.2CVSS7.3AI score0.00536EPSS
Exploits0References3
NCSC
NCSC
added 2023/07/11 12:0 a.m.65 views

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in several products, including. Business Objects, ECC, HANA, Netweaver, Business Warehouse and Solution Manager. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Cross-Site Scripting XSS...

9.4CVSS7AI score0.00807EPSS
Exploits0
Rows per page
Query Builder