exploit the possibilities
Showing 1 - 3 of 3 RSS Feed

CVE-2020-6207

Status Candidate

Overview

SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check does not perform any authentication for a service resulting in complete compromise of all SMDAgents connected to the Solution Manager.

Related Files

SAP Solution Manager 7.20 Missing Authorization
Posted Jun 15, 2021
Authored by Nahuel D. Sanchez, Pablo Artuso, Yvan Genuer | Site onapsis.com

Due to a missing authorization check in the SAP Solution Manager version 7.20 LM-SERVICE component, a remote authenticated attacker could be able to execute privileged actions in the affected system, including the execution of operating system commands.

tags | advisory, remote
advisories | CVE-2020-6207
MD5 | 62aaf9c152dbff873c27f124cdf380f7
SAP SMD Agent Unauthenticated Remote Code Execution
Posted Apr 6, 2021
Site onapsis.com

A malicious unauthenticated user could abuse the lack of authentication check on SAP Solution Manager User-Experience Monitoring web service, allowing them to remotely execute commands in all hosts connected to the targeted SolMan through these SMD Agents. Affected versions include SAP Solution Manager SP004 Patch 0011 and lower, SP005 Patch 0012 and lower, SP006 Patch 0013 and lower, SP007 Patch 0019 and lower, SP008 Patch 0015 and lower, SP009 Patch 0007 and lower, SP010 Patch 0001 and lower, and SP011 Patch 0003 and lower.

tags | advisory, web
advisories | CVE-2020-6207
MD5 | e5535b0f577e39ff37f7aeb0ba2b15b8
SAP Solution Manager 7.2 Remote Command Execution
Posted Mar 26, 2021
Authored by Dmitry Chastuhin, Pablo Artuso, Vladimir Ivanov, Yvan Genuer | Site metasploit.com

This Metasploit module exploits the CVE-2020-6207 vulnerability within the SAP EEM servlet of SAP Solution Manager (SolMan) running version 7.2. The vulnerability occurs due to missing authentication checks when submitting a SOAP request to the /EemAdminService/EemAdmin page to get information about connected SMDAgents allowing an attacker to send HTTP requests (SSRF) and execute OS commands on the connected SMDAgent. Works stable in connected SMDAgent with Java version 1.8. Successful exploitation will allow unauthenticated remote attackers to get a reverse shell from connected to the SolMan agent as the user under which it runs SMDAgent service, which is usually daaadm.

tags | exploit, java, remote, web, shell
advisories | CVE-2020-6207
MD5 | 1c233a9f84fe24a1f701e2b602123168
Page 1 of 1
Back1Next

File Archive:

September 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    14 Files
  • 2
    Sep 2nd
    19 Files
  • 3
    Sep 3rd
    9 Files
  • 4
    Sep 4th
    1 Files
  • 5
    Sep 5th
    2 Files
  • 6
    Sep 6th
    3 Files
  • 7
    Sep 7th
    12 Files
  • 8
    Sep 8th
    22 Files
  • 9
    Sep 9th
    17 Files
  • 10
    Sep 10th
    19 Files
  • 11
    Sep 11th
    3 Files
  • 12
    Sep 12th
    2 Files
  • 13
    Sep 13th
    15 Files
  • 14
    Sep 14th
    16 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    7 Files
  • 17
    Sep 17th
    13 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close