SAP Focused Run Simple Diagnostics Agent version 1.0 suffers from a directory traversal vulnerability.
21f7a32eca5fb5a3b8445fec64e7ee2ee32522fbdc628503458df594e9a7032b
SAP Focused Run Simple Diagnostics Agent version 1.0 suffers from an information disclosure vulnerability.
e6bbb17d10e51c2a6468f2275ea1b37f96888236eb62d3802793851e50ffdccd
The SAP Fiori launchpad suffers from a cross site scripting vulnerability. Various component versions are affected.
db47646a2f3d2bb8348e08cb11a244ee0d30ad7a58eb9df5ec57aa33b272ac5d
SAP Focused Run Simple Diagnostics Agent version 1.0 suffers from a missing authentication vulnerability.
5c8014f4a69c7fe9a551e4725cc39d20b7a332930fd0b9c44139ca795ce4f0e4
SAP Focused Run versions 2.00 and 3.00 suffer from a cross site scripting vulnerability.
2277fba0775e46b0814879b36b6340c560ce3825acdc9d2a5bff7b238e6c20e9
SAP Web Dispatcher suffers from an HTTP request smuggling vulnerability.
13d3e2b23a840dab61234f2b6d3787259a7efde984a35e90339e0cdc4c879d9a
SAP Enterprise Portal with ENGINEAPI versions 7.10, 7.30, 7.31, 7.40, and 7.50 suffers from an XSLT injection vulnerability.
da6ac9ab738f2080b02cc97608aef6a101c7d751b2f8886505ca291243379d5f
SAP CommonCryptoLib suffers from a null pointer dereference vulnerability. An unauthenticated attacker without specific knowledge of the system can send a specially crafted packet over a network which will trigger an internal error causing the system to crash and remain unavailable.
4e1a256c3f431f4168136d27f62d96f748180dc8bdcac0d78e7fd1c23eb39487
SAP Enterprise Portal with EP-RUNTIME component versions 7.30, 7.31, 7.40, and 7.50 suffer from an open redirection vulnerability.
31e789c3fc612f938cd56d5fab9f4d359a5679a1c9bc3ae446b98afd67ad0c83
SAP Enterprise Portal with EP-RUNTIME component versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 suffer from a iviewCatcherEditor server-side request forgery vulnerability.
05b826d203ad0d9639e1eddd559c1655d47d3c184d59c75033d4f4a70566519d
SAP Enterprise Portal with EP-RUNTIME component versions 7.30, 7.31, 7.40, and 7.50 suffer from a RunContentCreation cross site scripting vulnerability.
df15ae63bb5d2b8fdb14db62a9d66eaecfae3239f8b258e8b84c90806fe26742
SAP Enterprise Portal with EP-RUNTIME component versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 suffer from a NavigationReporter cross site scripting vulnerability.
ee2d0a75bef9c35261f7c80c337b71a54f659bac383ea7ae746759f207a06a8c
SAP Enterprise Portal suffers from an sensitive information disclosure vulnerability in the com.sapportals.navigation.testComponent.NavigationRequestSniffer servlet.
4a8db7aa8f258b1769fbf97ddef33a9c7b31c57775fc5b0aaae9d89f1808d5c0
The SAP NetWeaver ABAP IGS service suffers from multiple memory corruption vulnerabilities.
2d1f0734303783a8b47a886f91b23670d4395d5d4ed4501f6e4af6001b97b2b7
The SAP NetWeaver ABAP Gateway service suffers from multiple memory corruption vulnerabilities.
da1fec63d0f864232e684c79171e0e2cc4a5296c2ce6bd0702518810eabac2ea
SAP NetWeaver ABAP Enqueue service suffers from multiple memory corruption vulnerabilities.
311841e1ce77e5cac126339df98efcba8eda52f242b8a567340833179c8bd6c5
SAP NetWeaver ABAP Dispatcher service suffers from memory corruption vulnerabilities. An unauthenticated attacker without specific knowledge of the system can send a specially crafted packet over a network which will trigger an internal error in the system causing the system to crash and rendering it unavailable.
17cc60af5d9b943931eeb5cd66b2a4f367a1a9b045b6aa0fe83114111e1f2e37
Due to a missing authorization check in the SAP Solution Manager version 7.20 LM-SERVICE component, a remote authenticated attacker could be able to execute privileged actions in the affected system, including the execution of operating system commands.
ad2a546198819c5e3808faa124d00d50475caa98031463ff99dd70806f19a4fd
SAP Wily Introscope Enterprise versions 9.7, 10.1, 10.5, and 10.7 suffer from having default hard-coded credentials.
472008089fe805ca278b030c1c5074c99b2877ee00a4db2ac51d3e76c1b7e7e4
SAP Wily Introscope Enterprise versions 9.7, 10.1, 10.5, and 10.7 suffer from a command injection vulnerability.
98a2961b16ad9e9f794ffa70067807ac00d45185e9401b26dfb8f0385594eaf6
SAP Solution Manager version 7.2 (ST 720) suffers from an open redirection vulnerability.
be314dee601c6b7d96a925a535be63d81b445ebec3bcdd2a0214aea82ebc5152
This Metasploit module exploits the CVE-2020-6207 vulnerability within the SAP EEM servlet of SAP Solution Manager (SolMan) running version 7.2. The vulnerability occurs due to missing authentication checks when submitting a SOAP request to the /EemAdminService/EemAdmin page to get information about connected SMDAgents allowing an attacker to send HTTP requests (SSRF) and execute OS commands on the connected SMDAgent. Works stable in connected SMDAgent with Java version 1.8. Successful exploitation will allow unauthenticated remote attackers to get a reverse shell from connected to the SolMan agent as the user under which it runs SMDAgent service, which is usually daaadm.
0d5122d6fb0ba7f681b7229fc5c197780b51710c6395404115ad8686072b2b08