Host Agent@7.22 Security Vulnerabilities and Issues — Host Agent@7.22 CVE List

Lucene search

SapHost Agent7.22

9 matches found

CVE•added 2022/06/14 5:15 p.m.•90 views

CVE-2022-29612

SAP NetWeaver, ABAP Platform and SAP Host Agent - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, 8.04, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, 8.04, SAPHOSTAGENT 7.22, allows an authenticated user to misuse a function of sapcontrol webfunctionality(...

4.3CVSS4.2AI score0.00148EPSS

CVE•added 2022/05/11 3:15 p.m.•82 views

CVE-2022-28774

Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be restricted.

5.5CVSS5.4AI score0.00045EPSS

CVE•added 2022/06/14 7:15 p.m.•69 views

CVE-2022-29614

SAP startservice - of SAP NetWeaver Application Server ABAP, Application Server Java, ABAP Platform and HANA Database - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, SAPHOSTAGENT 7.22, - on Unix systems, s-bi...

5CVSS5.3AI score0.00076EPSS

CVE•added 2022/09/13 4:15 p.m.•64 views

CVE-2022-35295

In SAP Host Agent (SAPOSCOL) - version 7.22, an attacker may use files created by saposcol to escalate privileges for themselves.

4.9CVSS5.3AI score0.003EPSS

CVE•added 2023/03/14 6:15 a.m.•53 views

CVE-2023-27498

SAP Host Agent (SAPOSCOL) - version 7.22, allows an unauthenticated attacker with network access to a server port assigned to the SAP Start Service to submit a crafted request which results in a memory corruption error. This error can be used to reveal but not modify any technical information about...

7.2CVSS7AI score0.0018EPSS

CVE•added 2023/02/14 4:15 a.m.•50 views

CVE-2023-24523

An attacker authenticated as a non-admin user with local access to a server port assigned to the SAP Host Agent (Start Service) - versions 7.21, 7.22, can submit a crafted ConfigureOutsideDiscovery request with an operating system command which will be executed with administrator privileges. The OS...

8.8CVSS8.2AI score0.00036EPSS

CVE•added 2023/01/10 3:15 a.m.•45 views

CVE-2023-0012

In SAP Host Agent (Windows) - versions 7.21, 7.22, an attacker who gains local membership to SAP_LocalAdmin could be able to replace executables with a malicious file that will be started under a privileged account. Note that by default all user members of SAP_LocaAdmin are denied the ability to lo...

6.7CVSS6.2AI score0.0004EPSS

CVE•added 2023/08/08 1:15 a.m.•45 views

CVE-2023-36926

Due to missing authentication check in SAP Host Agent - version 7.22, an unauthenticated attacker can set an undocumented parameter to a particular compatibility value and in turn call read functions. This allows the attacker to gather some non-sensitive information about the server. There is no im...

5.3CVSS4.8AI score0.00219EPSS

CVE•added 2024/11/12 1:15 a.m.•40 views

CVE-2024-47595

An attacker who gains local membership to sapsys group could replace local files usually protected by privileged access. On successful exploitation the attacker could cause high impact on confidentiality and integrity of the application.

7.1CVSS6.2AI score0.00018EPSS