367 matches found
CVE-2023-0024
SAP Solution Manager BSP Application - version 720, allows an authenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information or craft a payload which may restrict access to the desired resources, resulting in...
PT-2023-19253 · Sap · Sap Solution Manager
Name of the Vulnerable Software and Affected Versions: SAP Solution Manager System Monitoring version 720 Description: The issue is related to insufficient encoding of user-controlled inputs, resulting in a Cross-Site Scripting XSS issue. This allows for the execution of malicious scripts within...
SAP Solution Manager 输入验证错误漏洞
SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as a system management platform. An input validation error vulnerability exists in SAP Solution Manager version 720, which stems from insufficie...
SAP Solution Manager 跨站脚本漏洞
SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...
SAP Solution Manager 跨站脚本漏洞
SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...
PT-2023-15955 · Sap · Sap Solution Manager
Name of the Vulnerable Software and Affected Versions: SAP Solution Manager BSP Application version 720 Description: The issue allows an authenticated attacker to craft a malicious link. When clicked by an unsuspecting user, this link can be used to read or modify some sensitive information or...
SAP Solution Manager 跨站脚本漏洞
SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...
PT-2023-15956 · Sap · Sap Solution Manager
Name of the Vulnerable Software and Affected Versions: SAP Solution Manager BSP Application version 720 Description: The issue allows an authenticated attacker to craft a malicious link. When clicked by an unsuspecting user, this link can be used to read or modify some sensitive information or...
PT-2023-19256 · Sap · Sap Solution Manager
Name of the Vulnerable Software and Affected Versions: SAP Solution Manager version 720 Description: The issue allows an authenticated attacker to redirect users to a malicious site due to insufficient URL validation. A successful attack could lead an attacker to read or modify the information or...
Vulnerabilities fixed in SAP products
SAP has released updates for several products, including SAP BASIS, Netweaver, HAMA, Business Planning & Consolidation, SAP CRM and SAP Solution Manager. A malicious party could potentially exploit and cause damage in the following categories: Cross-Site Scripting XSS Bypassing authentication...
The vulnerability of the Diagnostics Agent tool of the SAP Solution Manager software platform for operating systems Windows allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Diagnostics Agent tool of the SAP Solution Manager software platform for operating systems with Windows is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
CVE-2022-41275
In SAP Solution Manager Enterprise Search - versions 740, and 750, an unauthenticated attacker can generate a link that, if clicked by a logged-in user, can be redirected to a malicious page that could read or modify sensitive information, or expose the user to a phishing attack, with little impa...
CVE-2022-41275
In SAP Solution Manager Enterprise Search - versions 740, and 750, an unauthenticated attacker can generate a link that, if clicked by a logged-in user, can be redirected to a malicious page that could read or modify sensitive information, or expose the user to a phishing attack, with little impa...
Design/Logic Flaw
In SAP Solution Manager Enterprise Search - versions 740, and 750, an unauthenticated attacker can generate a link that, if clicked by a logged-in user, can be redirected to a malicious page that could read or modify sensitive information, or expose the user to a phishing attack, with little impa...
CVE-2022-41275
In SAP Solution Manager Enterprise Search - versions 740, and 750, an unauthenticated attacker can generate a link that, if clicked by a logged-in user, can be redirected to a malicious page that could read or modify sensitive information, or expose the user to a phishing attack, with little impa...
CVE-2022-41275
CVE-2022-41275 affects SAP Solution Manager (Enterprise Search) versions 740 and 750. An unauthenticated attacker can craft a link that, when a logged-in user clicks it, redirects the user to a malicious page capable of reading or modifying sensitive information or enabling a phishing attack. Imp...
CVE-2022-41275
In SAP Solution Manager Enterprise Search - versions 740, and 750, an unauthenticated attacker can generate a link that, if clicked by a logged-in user, can be redirected to a malicious page that could read or modify sensitive information, or expose the user to a phishing attack, with little impa...
SAP Solution Manager 输入验证错误漏洞
SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...
PT-2022-25783 · Sap · Sap Solution Manager
Name of the Vulnerable Software and Affected Versions: SAP Solution Manager Enterprise Search versions 740, and 750 Description: An unauthenticated attacker can generate a link that, if clicked by a logged-in user, can be redirected to a malicious page. This could potentially read or modify...
CVE-2022-41261
SAP Solution Manager Diagnostic Agent - version 7.20, allows an authenticated attacker on Windows system to access a file containing sensitive data which can be used to access a configuration file which contains credentials to access other system files. Successful exploitation can make the attack...