Missing Authentication in SAP Solution Manager Diagnostics Agent
CVE-2020-6235
8.6HIGH
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 14 April 2020
What is CVE-2020-6235?
The SAP Solution Manager (Diagnostics Agent) version 7.2 has a vulnerability where it fails to enforce authentication checks for the Collector Simulator functionalities. This oversight can potentially allow unauthorized access to sensitive components, posing a risk of exposure and exploitation by malicious actors. It is crucial for organizations utilizing this product to address this security gap to mitigate risks associated with improper access.
Affected Version(s)
SAP Solution Manager (Diagnostics Agent) < 7.2