4 matches found
CVE-2022-24399
SAP Focused Run (Real User Monitoring) FRUN 2.00 (2.00) and FRUN 3.00 (3.00) REST service are affected by a Cross-Site Scripting (XSS) flaw. The root cause is insufficient sanitization of the multipart/form-data input file name, enabling XSS in some contexts. Remediation/workarounds cited in conn...
CVE-2022-27657
CVE-2022-27657 affects SAP Focused Run (Simple Diagnostics Agent 1.0) 1.0. The vulnerability is a directory traversal flaw caused by insufficient validation of path information, allowing a highly privileged remote attacker to display contents of restricted directories. The issue is tied to Simple...
CVE-2020-6369
CVE-2020-6369 affects SAP Solution Manager and SAP Focused Run. The issue allows an unauthenticated attacker to bypass login if the default passwords for Admin and Guest are not changed, impacting confidentiality. Affected versions are SAP Solution Manager and SAP Focused Run with updates in WILY...
CVE-2021-27609
CVE-2021-27609 concerns SAP Focused RUN versions 200 and 300, where an authenticated user can skip proper authorization checks on the oData service and manipulate the activation of the SAP EarlyWatch Alert data collection and transmission. Multiple connected sources (including RH, CNVD, CVE listi...