Denial of Service Vulnerability in SAP Host Agent Software
CVE-2020-6186

7.5HIGH

Key Information:

Vendor: SAP
Status: SAP Host Agent
Vendor: CVE Published:; 12 February 2020

Summary

The SAP Host Agent version 7.21 has a vulnerability that allows attackers to exploit username/password-based authentication mechanisms. This results in a significant slowdown of processing requests, which can disrupt normal operations and lead to service outages. Organizations utilizing this version are advised to implement security measures to mitigate the potential impact of such an exploitation.

Affected Version(s)

SAP Host Agent = 7.21

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageI...

x_refsource_MISC

https://launchpad.support.sap.com/#/notes/2841053

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 12, 2020
Vulnerability Reserved
Jan 8, 2020