Input validation

SAP Solution Manager Trace Analysis, version 7.20, allows an attacker to perform a log injection into the trace file, due to Incomplete XML Validation. The readability of the trace file is impaired...

CVE-2020-6261

SAP Solution Manager Trace Analysis, version 7.20, allows an attacker to perform a log injection into the trace file, due to Incomplete XML Validation. The readability of the trace file is impaired...

CVE-2020-6261

SAP Solution Manager (Trace Analysis) 7.20 is affected. The issue allows log injection into the trace file due to incomplete XML validation, impairing readability of trace files. No explicit remediation or patch version is provided in the connected documents. References point to SAP notes/wiki en...

SAP Solution Manager Memory Corruption Vulnerability

SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...

SAP Solution Manager Unauthorized Access Vulnerability

SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...

CVE-2020-6271

SAP Solution Manager Problem Context Manager, version 7.2, does not perform the necessary authentication, allowing an attacker to consume large amounts of memory, causing the system to crash and read restricted data files visible for technical administration users of the diagnostics agent...

CVE-2020-6271

SAP Solution Manager Problem Context Manager, version 7.2, does not perform the necessary authentication, allowing an attacker to consume large amounts of memory, causing the system to crash and read restricted data files visible for technical administration users of the diagnostics agent...

CVE-2020-6260

SAP Solution Manager Trace Analysis, version 7.20, allows an attacker to inject superflous data that can be displayed by the application, due to Incomplete XML Validation. The application shows additional data that do not actually exist...

CVE-2020-6260

SAP Solution Manager Trace Analysis, version 7.20, allows an attacker to inject superflous data that can be displayed by the application, due to Incomplete XML Validation. The application shows additional data that do not actually exist...

Input validation

SAP Solution Manager Trace Analysis, version 7.20, allows an attacker to inject superflous data that can be displayed by the application, due to Incomplete XML Validation. The application shows additional data that do not actually exist...

Authentication flaw

SAP Solution Manager Problem Context Manager, version 7.2, does not perform the necessary authentication, allowing an attacker to consume large amounts of memory, causing the system to crash and read restricted data files visible for technical administration users of the diagnostics agent...

CVE-2020-6260

SAP Solution Manager (Trace Analysis) 7.20 is affected by CVE-2020-6260 due to incomplete XML validation, enabling an attacker to inject data that the application may display, exposing data that does not exist. The issue is network-accessible with low attack complexity and requires no authenticat...

CVE-2020-6260

SAP Solution Manager Trace Analysis, version 7.20, allows an attacker to inject superflous data that can be displayed by the application, due to Incomplete XML Validation. The application shows additional data that do not actually exist...

CVE-2020-6271

CVE-2020-6271 affects SAP Solution Manager (Problem Context Manager) version 7.2. The issue arises from insufficient authentication, enabling an attacker to cause memory exhaustion, potentially crash the system and read restricted data (files visible to diagnostics agent admins). Documents consis...

CVE-2020-6271

SAP Solution Manager Problem Context Manager, version 7.2, does not perform the necessary authentication, allowing an attacker to consume large amounts of memory, causing the system to crash and read restricted data files visible for technical administration users of the diagnostics agent...

SAP Solution Manager Authorization Issues Vulnerability (CNVD-2020-25979)

SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...

CVE-2020-6235

SAP Solution Manager Diagnostics Agent, version 7.2, does not perform the authentication check for the functionalities of the Collector Simulator, leading to Missing Authentication...

CVE-2020-6235

SAP Solution Manager Diagnostics Agent, version 7.2, does not perform the authentication check for the functionalities of the Collector Simulator, leading to Missing Authentication...

Authentication flaw

SAP Solution Manager Diagnostics Agent, version 7.2, does not perform the authentication check for the functionalities of the Collector Simulator, leading to Missing Authentication...

CVE-2020-6235

SAP Solution Manager Diagnostics Agent, version 7.2, does not perform the authentication check for the functionalities of the Collector Simulator, leading to Missing Authentication...