Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap solution manager - vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2016-10005
Webdynpro in SAP Solman 7.1 up to and including 7.31 allows remote malicious users to obtain sensitive information via webdynpro/dispatcher/sap.com/caf~eu~gp~example~timeoff~wd requests, aka SAP Security Note 2344524.
Sap Solution Manager 7.1
Sap Solution Manager 7.20
Sap Solution Manager 7.31
4
CVSSv2
CVE-2019-0293
Read of RFC destination does not always perform necessary authorization checks, resulting in escalation of privileges to access information on RFC destinations on managed systems and SAP Solution Manager system (ST-PI, prior to 2008_1_700, 2008_1_710, and 740).
Sap Sap Solution Manager System 2008 1 710
Sap Sap Solution Manager System 2008 1 740
Sap Sap Solution Manager System 2008 1 700
4.3
CVSSv2
CVE-2020-6369
SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an unauthenticated malicious users to bypass the authentication if the default passwords for Admin and Guest have not been changed by the administrator.This may impac...
Sap Focused Run 9.7
Sap Focused Run 10.1
Sap Focused Run 10.5
Sap Focused Run 10.7
Sap Solution Manager 9.7
Sap Solution Manager 10.1
Sap Solution Manager 10.5
Sap Solution Manager 10.7
NA
CVE-2022-41275
In SAP Solution Manager (Enterprise Search) - versions 740, and 750, an unauthenticated attacker can generate a link that, if clicked by a logged-in user, can be redirected to a malicious page that could read or modify sensitive information, or expose the user to a phishing attac...
Sap Solution Manager 740
Sap Solution Manager 750
3.5
CVSSv2
CVE-2018-2405
SAP Solution Manager, 7.10, 7.20, Incident Management Work Center allows an malicious user to upload a malicious script as an attachment and this could lead to possible Cross-Site Scripting.
Sap Solution Manager 7.20
Sap Solution Manager 7.10
5
CVSSv2
CVE-2014-1960
The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote malicious users to obtain sensitive information via unspecified vectors.
Sap Netweaver -
Sap Netweaver Solution Manager 7.0
Sap Netweaver Solution Manager 7.1
7.5
CVSSv2
CVE-2013-7363
Unspecified vulnerability in the Diagnostics (SMD) agent in SAP Solution Manager allows remote malicious users to obtain sensitive information, modify the configuration of applications, and install or remove applications via vectors involving the P4 protocol.
Sap Solution Manager -
NA
CVE-2023-27893
An attacker authenticated as a user with a non-administrative role and a common remote execution authorization in SAP Solution Manager and ABAP managed systems (ST-PI) - versions 2088_1_700, 2008_1_710, 740, can use a vulnerable interface to execute an application function to per...
Sap Solution Manager 740
NA
CVE-2023-36921
SAP Solution Manager (Diagnostics agent) - version 7.20, allows an malicious user to tamper with headers in a client request. This misleads SAP Diagnostics Agent to serve poisoned content to the server. On successful exploitation, the attacker can cause a limited impact on confid...
Sap Solution Manager 7.20
NA
CVE-2023-36925
SAP Solution Manager (Diagnostics agent) - version 7.20, allows an unauthenticated malicious user to blindly execute HTTP requests. On successful exploitation, the attacker can cause a limited impact on confidentiality and availability of the application and other applications th...
Sap Solution Manager 7.20
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »