367 matches found
CVE-2023-49587 Command Injection vulnerability in SAP Solution Manager
SAP Solution Manager - version 720, allows an authorized attacker to execute certain deprecated function modules which can read or modify data of same or other component without user interaction over the network...
CVE-2023-49587 Command Injection vulnerability in SAP Solution Manager
SAP Solution Manager - version 720, allows an authorized attacker to execute certain deprecated function modules which can read or modify data of same or other component without user interaction over the network...
CVE-2023-49587
CVE-2023-49587 affects SAP Solution Manager 720. The vulnerability allows an authorized attacker to execute certain deprecated function modules, enabling reading or modification of data across the same or other components over the network, with no user interaction. Root cause cited in multiple so...
The vulnerability of the SAP Solution Manager (Diagnostics agent) platform, related to the lack of mechanisms for encoding or blocking output data, allows for the execution of XSS attacks.
The vulnerability of the SAP Solution Manager Diagnostics agent platform is related to the lack of mechanisms for encoding or blocking output data. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of the SAP Solution Manager (Diagnostics agent) platform, related to insufficient validation of incoming requests, allows a perpetrator to disclose protected information or cause service failures.
The vulnerability of the SAP Solution Manager Diagnostics agent platform lies in insufficient validation of incoming requests. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information or cause service failures by sending specially crafted HTTP requests...
SAP Solution Manager Code Issue Vulnerability
SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...
CVE-2023-36921
SAP Solution Manager Diagnostics agent - version 7.20, allows an attacker to tamper with headers in a client request. This misleads SAP Diagnostics Agent to serve poisoned content to the server. On successful exploitation, the attacker can cause a limited impact on confidentiality and availabilit...
CVE-2023-36925
SAP Solution Manager Diagnostics agent - version 7.20, allows an unauthenticated attacker to blindly execute HTTP requests. On successful exploitation, the attacker can cause a limited impact on confidentiality and availability of the application and other applications the Diagnostics Agent can...
CVE-2023-36921
SAP Solution Manager Diagnostics agent - version 7.20, allows an attacker to tamper with headers in a client request. This misleads SAP Diagnostics Agent to serve poisoned content to the server. On successful exploitation, the attacker can cause a limited impact on confidentiality and availabilit...
CVE-2023-36925
SAP Solution Manager Diagnostics agent - version 7.20, allows an unauthenticated attacker to blindly execute HTTP requests. On successful exploitation, the attacker can cause a limited impact on confidentiality and availability of the application and other applications the Diagnostics Agent can...
Cross site request forgery (csrf)
SAP Solution Manager Diagnostics agent - version 7.20, allows an attacker to tamper with headers in a client request. This misleads SAP Diagnostics Agent to serve poisoned content to the server. On successful exploitation, the attacker can cause a limited impact on confidentiality and availabilit...
Design/Logic Flaw
SAP Solution Manager Diagnostics agent - version 7.20, allows an unauthenticated attacker to blindly execute HTTP requests. On successful exploitation, the attacker can cause a limited impact on confidentiality and availability of the application and other applications the Diagnostics Agent can...
CVE-2023-36925 Unauthenticated blind SSRF in SAP Solution Manager (Diagnostics agent)
SAP Solution Manager Diagnostics agent - version 7.20, allows an unauthenticated attacker to blindly execute HTTP requests. On successful exploitation, the attacker can cause a limited impact on confidentiality and availability of the application and other applications the Diagnostics Agent can...
CVE-2023-36925
The CVE-2023-36925 issue affects SAP Solution Manager (Diagnostics agent) v7.20, where insufficient validation of incoming requests allows an unauthenticated attacker to blindly make HTTP requests. This SSRF-style flaw can lead to a limited impact on confidentiality and availability of the SAP So...
CVE-2023-36925 Unauthenticated blind SSRF in SAP Solution Manager (Diagnostics agent)
SAP Solution Manager Diagnostics agent - version 7.20, allows an unauthenticated attacker to blindly execute HTTP requests. On successful exploitation, the attacker can cause a limited impact on confidentiality and availability of the application and other applications the Diagnostics Agent can...
CVE-2023-36921
CVE-2023-36921 relates to SAP Solution Manager (Diagnostics agent) v7.20, where an attacker can tamper with headers in a client request, causing the SAP Diagnostics Agent to serve poisoned content to the server. The underlying impact is limited: confidentiality and availability are affected to a ...
CVE-2023-36921 Header Injection in SAP Solution Manager (Diagnostic Agent)
SAP Solution Manager Diagnostics agent - version 7.20, allows an attacker to tamper with headers in a client request. This misleads SAP Diagnostics Agent to serve poisoned content to the server. On successful exploitation, the attacker can cause a limited impact on confidentiality and availabilit...
CVE-2023-36921 Header Injection in SAP Solution Manager (Diagnostic Agent)
SAP Solution Manager Diagnostics agent - version 7.20, allows an attacker to tamper with headers in a client request. This misleads SAP Diagnostics Agent to serve poisoned content to the server. On successful exploitation, the attacker can cause a limited impact on confidentiality and availabilit...
SAP Solution Manager 代码问题漏洞
SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...
Vulnerabilities fixed in SAP products
SAP has fixed vulnerabilities in several products, including. Business Objects, ECC, HANA, Netweaver, Business Warehouse and Solution Manager. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Cross-Site Scripting XSS...