367 matches found
CVE-2020-26836
SAP Solution Manager Trace Analysis, version - 720, allows for misuse of a parameter in the application URL leading to Open Redirect vulnerability, an attacker can enter a link to malicious site which could trick the user to enter credentials or download malicious software, as a parameter in the...
CVE-2020-26830
SAP Solution Manager 7.2 User Experience Monitoring, version - 7.2, does not perform necessary authorization checks for an authenticated user. Due to inadequate access control, a network attacker authenticated as a regular user can use operations which should be restricted to administrators. Thes...
CVE-2020-26837
SAP Solution Manager 7.2 User Experience Monitoring, version - 7.2, allows an authenticated user to upload a malicious script that can exploit an existing path traversal vulnerability to compromise confidentiality exposing elements of the file system, partially compromise integrity allowing the...
CVE-2020-26836
SAP Solution Manager Trace Analysis, version - 720, allows for misuse of a parameter in the application URL leading to Open Redirect vulnerability, an attacker can enter a link to malicious site which could trick the user to enter credentials or download malicious software, as a parameter in the...
CVE-2020-26830
SAP Solution Manager 7.2 User Experience Monitoring, version - 7.2, does not perform necessary authorization checks for an authenticated user. Due to inadequate access control, a network attacker authenticated as a regular user can use operations which should be restricted to administrators. Thes...
CVE-2020-26837
SAP Solution Manager 7.2 User Experience Monitoring, version - 7.2, allows an authenticated user to upload a malicious script that can exploit an existing path traversal vulnerability to compromise confidentiality exposing elements of the file system, partially compromise integrity allowing the...
Open redirect
SAP Solution Manager Trace Analysis, version - 720, allows for misuse of a parameter in the application URL leading to Open Redirect vulnerability, an attacker can enter a link to malicious site which could trick the user to enter credentials or download malicious software, as a parameter in the...
Path traversal
SAP Solution Manager 7.2 User Experience Monitoring, version - 7.2, allows an authenticated user to upload a malicious script that can exploit an existing path traversal vulnerability to compromise confidentiality exposing elements of the file system, partially compromise integrity allowing the...
Authorization
SAP Solution Manager 7.2 User Experience Monitoring, version - 7.2, does not perform necessary authorization checks for an authenticated user. Due to inadequate access control, a network attacker authenticated as a regular user can use operations which should be restricted to administrators. Thes...
CVE-2020-26836
SAP Solution Manager (Trace Analysis) 7.2 (ST 720) contains an Open Redirect vulnerability caused by misuse of a URL parameter. An attacker could craft a link that, when clicked by a user, redirects to a malicious site, potentially enabling credential theft or malware delivery. Affected component...
CVE-2020-26836
SAP Solution Manager Trace Analysis, version - 720, allows for misuse of a parameter in the application URL leading to Open Redirect vulnerability, an attacker can enter a link to malicious site which could trick the user to enter credentials or download malicious software, as a parameter in the...
CVE-2020-26837
SAP Solution Manager 7.2 (User Experience Monitoring) is affected by a path traversal vulnerability. A authenticated user can upload a malicious script, potentially exposing file-system data (confidentiality), partially modifying configurations (integrity) and partially impacting availability. Th...
CVE-2020-26837
SAP Solution Manager 7.2 User Experience Monitoring, version - 7.2, allows an authenticated user to upload a malicious script that can exploit an existing path traversal vulnerability to compromise confidentiality exposing elements of the file system, partially compromise integrity allowing the...
CVE-2020-26830
SAP Solution Manager 7.2 User Experience Monitoring, version - 7.2, does not perform necessary authorization checks for an authenticated user. Due to inadequate access control, a network attacker authenticated as a regular user can use operations which should be restricted to administrators. Thes...
CVE-2020-26830
CVE-2020-26830 applies to SAP Solution Manager 7.2 (User Experience Monitoring). The common thread across connected sources is a missing authorization check for authenticated users, enabling a regular user to perform operations restricted to administrators (change UX monitoring config, view agent...
PT-2020-16519
Name of the Vulnerable Software and Affected Versions SAP Solution Manager Trace Analysis version 720 Description The issue allows for misuse of a parameter in the application URL, leading to an Open Redirect vulnerability. An attacker can enter a link to a malicious site as a parameter in the...
SAP Solution Manager 路径遍历漏洞
SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...
SAP Solution Manager 安全漏洞
SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...
SAP Solution Manager 输入验证错误漏洞
SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...
SAP Solution Manager Missing Authentication Check Vulnerability (CNVD-2020-62929)
SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...