Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Focused Run Security Vulnerabilities

cve
cve

CVE-2020-6369

SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an unauthenticated attackers to bypass the authentication if the default passwords for Admin and Guest have not been changed by the administrator.This may impact the confidentiality of ...

5.9CVSS

6AI Score

0.002EPSS

2020-10-20 02:15 PM
23
2
cve
cve

CVE-2021-27609

SAP Focused RUN versions 200, 300, does not perform necessary authorization checks for an authenticated user, which allows a user to call the oData service and manipulate the activation for the SAP EarlyWatch Alert service data collection and sending to SAP without the intended authorization.

6.5CVSS

6.3AI Score

0.001EPSS

2021-04-13 07:15 PM
22
4
cve
cve

CVE-2022-24399

The SAP Focused Run (Real User Monitoring) - versions 200, 300, REST service does not sufficiently sanitize the input name of the file using multipart/form-data, resulting in Cross-Site Scripting (XSS) vulnerability.

6.1CVSS

5.9AI Score

0.002EPSS

2022-03-10 05:46 PM
72
2
cve
cve

CVE-2022-27657

A highly privileged remote attacker, can gain unauthorized access to display contents of restricted directories by exploiting insufficient validation of path information in SAP Focused Run (Simple Diagnostics Agent 1.0) - version 1.0.

2.7CVSS

3.9AI Score

0.005EPSS

2022-04-12 05:15 PM
60
2