4 matches found
CVE-2019-0330
The CVE-2019-0330 issue affects SAP Diagnostics Agent (LM-Service) version 7.2, specifically the OS Command Plugin in GPA_ADMIN and the OSCommand Console. Root cause: insufficient input sanitization leading to OS command injection. Impact: attacker could inject commands and potentially control th...
CVE-2023-27497
CVE-2023-27497 affects SAP Diagnostics Agent version 720, where the EventLogServiceCollector is vulnerable due to missing authentication and input sanitization. This allows an attacker to execute malicious scripts on all connected Diagnostics Agents on Windows, potentially compromising confidenti...
CVE-2019-0390
CVE-2019-0390 affects SAP Data Hub and is described in multiple sources as an information-disclosure vulnerability where Connection Manager stores details that become visible to users. The description notes that the issue is corrected in DH_Foundation version 2; other references describe an attac...
CVE-2023-27267
CVE-2023-27267 affects SAP Diagnostics Agent OSCommand Bridge (version 720). Root cause: lack of authentication and insufficient input validation allowing script execution across connected Diagnostics Agents. Impact: potential full confidentiality, integrity and availability compromise. Exploitat...