Memory Consumption Vulnerability in SAP Solution Manager by SAP
CVE-2020-6271

8.2HIGH

Key Information:

Vendor: SAP
Status: SAP Solution Manager (problem Context Manager)
Vendor: CVE Published:; 10 June 2020

Summary

The vulnerability in SAP Solution Manager allows attackers to exploit weak authentication measures within the Problem Context Manager. This can lead to excessive memory consumption, resulting in system crashes. Additionally, it poses a risk of unauthorized access to sensitive data, which is accessible by technical administration users of the diagnostics agent. Organizations utilizing affected versions of SAP Solution Manager should take immediate measures to mitigate this risk.

Affected Version(s)

SAP Solution Manager (Problem Context Manager) < 7.2

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageI...

x_refsource_MISC

https://launchpad.support.sap.com/#/notes/2931391

x_refsource_MISC

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 10, 2020
Vulnerability Reserved
Jan 8, 2020