CVE-2020-6234

7.2HIGH

Key Information:

Vendor: SAP
Status: SAP Host Agent
Vendor: CVE Published:; 14 April 2020

Summary

SAP Host Agent, version 7.21, allows an attacker with admin privileges to use the operation framework to gain root privileges over the underlying operating system, leading to Privilege Escalation.

Affected Version(s)

SAP Host Agent < 7.21

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageI...

x_refsource_MISC

https://launchpad.support.sap.com/#/notes/2902645

x_refsource_MISC

http://seclists.org/fulldisclosure/2021/Apr/5

mailing-listx_refsource_FULLDISC

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 14, 2020
Vulnerability Reserved
Jan 8, 2020