Missing Authentication in SAP Solution Manager Diagnostics Agent
CVE-2020-6235

8.6HIGH

Key Information:

Vendor: SAP
Status: SAP Solution Manager (diagnostics Agent)
Vendor: CVE Published:; 14 April 2020

What is CVE-2020-6235?

The SAP Solution Manager (Diagnostics Agent) version 7.2 has a vulnerability where it fails to enforce authentication checks for the Collector Simulator functionalities. This oversight can potentially allow unauthorized access to sensitive components, posing a risk of exposure and exploitation by malicious actors. It is crucial for organizations utilizing this product to address this security gap to mitigate risks associated with improper access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

SAP Solution Manager (Diagnostics Agent) < 7.2

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageI...

x_refsource_MISC

https://launchpad.support.sap.com/#/notes/2906994

x_refsource_MISC

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Apr 14, 2020
Vulnerability Reserved
Jan 8, 2020

JSON

SAP

What is CVE-2020-6235?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.