Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap solution manager 7.20 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2016-10005
Webdynpro in SAP Solman 7.1 up to and including 7.31 allows remote malicious users to obtain sensitive information via webdynpro/dispatcher/sap.com/caf~eu~gp~example~timeoff~wd requests, aka SAP Security Note 2344524.
Sap Solution Manager 7.1
Sap Solution Manager 7.20
Sap Solution Manager 7.31
7.2
CVSSv3
CVE-2023-36921
SAP Solution Manager (Diagnostics agent) - version 7.20, allows an malicious user to tamper with headers in a client request. This misleads SAP Diagnostics Agent to serve poisoned content to the server. On successful exploitation, the attacker can cause a limited impact on confid...
Sap Solution Manager 7.20
7.2
CVSSv3
CVE-2023-36925
SAP Solution Manager (Diagnostics agent) - version 7.20, allows an unauthenticated malicious user to blindly execute HTTP requests. On successful exploitation, the attacker can cause a limited impact on confidentiality and availability of the application and other applications th...
Sap Solution Manager 7.20
6.1
CVSSv3
CVE-2020-26836
SAP Solution Manager (Trace Analysis), version - 720, allows for misuse of a parameter in the application URL leading to Open Redirect vulnerability, an attacker can enter a link to malicious site which could trick the user to enter credentials or download malicious software, as ...
Sap Solution Manager 7.20
5.5
CVSSv3
CVE-2022-41261
SAP Solution Manager (Diagnostic Agent) - version 7.20, allows an authenticated attacker on Windows system to access a file containing sensitive data which can be used to access a configuration file which contains credentials to access other system files. Successful exploitation ...
Sap Solution Manager 7.20
5.4
CVSSv3
CVE-2018-2405
SAP Solution Manager, 7.10, 7.20, Incident Management Work Center allows an malicious user to upload a malicious script as an attachment and this could lead to possible Cross-Site Scripting.
Sap Solution Manager 7.20
Sap Solution Manager 7.10
5.3
CVSSv3
CVE-2020-6261
SAP Solution Manager (Trace Analysis), version 7.20, allows an malicious user to perform a log injection into the trace file, due to Incomplete XML Validation. The readability of the trace file is impaired.
Sap Solution Manager 7.20
5.3
CVSSv3
CVE-2020-6260
SAP Solution Manager (Trace Analysis), version 7.20, allows an malicious user to inject superflous data that can be displayed by the application, due to Incomplete XML Validation. The application shows additional data that do not actually exist.
Sap Solution Manager 7.20
4.9
CVSSv3
CVE-2021-21483
Under certain conditions SAP Solution Manager, version - 720, allows a high privileged malicious user to get access to sensitive information which has a direct serious impact beyond the exploitable component thereby affecting the confidentiality in the application.
Sap Solution Manager 7.20
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2