Under certain conditions SAP Landscape Management (VCM 3.0) allows an attacker to access information which would otherwise be restricted.
7.5CVSS
7.3AI Score
0.004EPSS
Under certain circumstances, SAP HANA Extended Application Services, advanced model (XS advanced) does not perform authentication checks properly for XS advanced platform and business users. Fixed in 1.0.97 to 1.0.99 (running on SAP HANA 1 or SAP HANA 2 SPS0 (second S stands for stack)).
9.8CVSS
9.5AI Score
0.01EPSS
Under certain conditions, SAP Landscape Management enterprise edition, before version 3.0, allows custom secure parametersβ default values to be part of the application logs leading to Information Disclosure.
4.9CVSS
5.1AI Score
0.001EPSS
SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious executables with root privileges in SAP Host Agent via SAP Landscape Management due to Missing Input Validation.
7.2CVSS
7AI Score
0.001EPSS
SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious commands with root privileges in SAP Host Agent via SAP Landscape Management.
7.2CVSS
7.2AI Score
0.001EPSS
SAP Landscape Management, version 3.0, and SAP Adaptive Extensions, version 1.0, allows an attacker with admin_group privileges to change ownership and permissions (including S-user ID bit s-bit) of arbitrary files remotely. This results in the possibility to execute these files as root user from a...
7.2CVSS
7.2AI Score
0.001EPSS
An information disclosure vulnerability exists in SAP Landscape Management - version 3.0, enterprise edition. It allows an authenticated SAP Landscape Management user to obtain privileged access to other systems making those other systems vulnerable to information disclosure and modification.The di...
8.7CVSS
8.1AI Score
0.001EPSS
SAP Landscape Management allows an authenticateduser to read confidential data disclosed by the REST Provider Definitionresponse. Successful exploitation can cause high impact on confidentiality ofthe managed entities.
6.9CVSS
6.6AI Score
0.0005EPSS