CVE-2020-6364

10CRITICAL

Key Information:

Vendor
SAP
Status
SAP Solution Manager (ca Introscope Enterprise Manager) And SAP Focused Run (ca Introscope Enterprise Manager)
Vendor
CVE Published:
15 October 2020

Badges

πŸ‘Ύ Exploit Exists🟑 Public PoC

Summary

SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an attacker to modify a cookie in a way that OS commands can be executed and potentially gain control over the host running the CA Introscope Enterprise Manager,leading to Code Injection. With this, the attacker is able to read and modify all system files and also impact system availability.

Affected Version(s)

SAP Solution Manager (CA Introscope Enterprise Manager) and SAP Focused Run (CA Introscope Enterprise Manager) < WILY_INTRO_ENTERPRISE 9.7 < WILY_INTRO_ENTERPRISE 9.7

SAP Solution Manager (CA Introscope Enterprise Manager) and SAP Focused Run (CA Introscope Enterprise Manager) < 10.1 < 10.1

SAP Solution Manager (CA Introscope Enterprise Manager) and SAP Focused Run (CA Introscope Enterprise Manager) < 10.5 < 10.5

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2020-6364
Created by gquere

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageI...
x_refsource_MISC
https://launchpad.support.sap.com/#/notes/2969828
x_refsource_MISC
http://seclists.org/fulldisclosure/2021/Jun/28
mailing-listx_refsource_FULLDISC

CVSS V3.1

Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • 🟑

    Public PoC available

  • πŸ‘Ύ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.