Search
Total
8 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-49587 | 1 Sap | 1 Solution Manager | 2023-12-14 | N/A | 6.4 MEDIUM |
| SAP Solution Manager - version 720, allows an authorized attacker to execute certain deprecated function modules which can read or modify data of same or other component without user interaction over the network. | |||||
| CVE-2020-6261 | 1 Sap | 1 Solution Manager | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| SAP Solution Manager (Trace Analysis), version 7.20, allows an attacker to perform a log injection into the trace file, due to Incomplete XML Validation. The readability of the trace file is impaired. | |||||
| CVE-2020-6369 | 1 Sap | 2 Focused Run, Solution Manager | 2021-06-17 | 4.3 MEDIUM | 5.9 MEDIUM |
| SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an unauthenticated attackers to bypass the authentication if the default passwords for Admin and Guest have not been changed by the administrator.This may impact the confidentiality of the service. | |||||
| CVE-2020-26836 | 1 Sap | 1 Solution Manager | 2021-06-17 | 5.8 MEDIUM | 6.1 MEDIUM |
| SAP Solution Manager (Trace Analysis), version - 720, allows for misuse of a parameter in the application URL leading to Open Redirect vulnerability, an attacker can enter a link to malicious site which could trick the user to enter credentials or download malicious software, as a parameter in the application URL and share it with the end user who could potentially become a victim of the attack. | |||||
| CVE-2021-21483 | 1 Sap | 1 Solution Manager | 2021-04-20 | 4.0 MEDIUM | 4.9 MEDIUM |
| Under certain conditions SAP Solution Manager, version - 720, allows a high privileged attacker to get access to sensitive information which has a direct serious impact beyond the exploitable component thereby affecting the confidentiality in the application. | |||||
| CVE-2019-0291 | 1 Sap | 1 Solution Manager | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| Under certain conditions Solution Manager, version 7.2, allows an attacker to access information which would otherwise be restricted. | |||||
| CVE-2020-6260 | 1 Sap | 1 Solution Manager | 2020-06-16 | 5.0 MEDIUM | 5.3 MEDIUM |
| SAP Solution Manager (Trace Analysis), version 7.20, allows an attacker to inject superflous data that can be displayed by the application, due to Incomplete XML Validation. The application shows additional data that do not actually exist. | |||||
| CVE-2018-2405 | 1 Sap | 1 Solution Manager | 2019-10-09 | 3.5 LOW | 5.4 MEDIUM |
| SAP Solution Manager, 7.10, 7.20, Incident Management Work Center allows an attacker to upload a malicious script as an attachment and this could lead to possible Cross-Site Scripting. | |||||