CVE-2020-6364

Published: 15/10/2020 Updated: 17/06/2021
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 10 | Impact Score: 6 | Exploitability Score: 3.9
VMScore: 890
CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5 and 10.7) allow a malicious user to modify a cookie so that OS commands are executed on the host running the CA Introscope Enterprise Manager, leading to code injection and potentially full control of that host. With this, the attacker is able to read and modify all system files and also impact system availability. The public write-up referenced under Github Repositories below describes the root cause as deserialization of an attacker-controlled, base64-encoded Java object carried in that cookie, reachable without authentication, which is consistent with the v3 exploitability sub-score of 3.9 (network, low complexity, no privileges, no user interaction) and the maximum impact sub-score.

Vulnerable Products

sap introscope enterprise manager 9.7

sap introscope enterprise manager 10.1

sap introscope enterprise manager 10.5

sap introscope enterprise manager 10.7

Mailing Lists

Full Disclosure mailing list archives: Onapsis Security Advisory 2021-0008: OS Command Injection in CA Introscope Enterprise Manager ...

Github Repositories

Remote code execution in CA APM Team Center (Wily Introscope)

CVE-2020-6364 Remote code execution in CA APM Team Center (Wily Introscope). Original advisory. A deserialization vulnerability in CA APM Team Center leads to unauthenticated remote code execution on the server. When authenticating to the server a cookie is returned that starts with the infamous rO0 string, indicating a base64-encoded serialized object: Although I haven't f
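The summary above and the write-up excerpt both turn on the same tell-tale: a cookie whose base64 decodes to a Java serialization stream (the bytes 0xAC 0xED 0x00 0x05, which base64-encode to the "rO0AB" prefix). The triage script below is an added example, not code from Vulmon, SAP, Onapsis or the GitHub repository quoted above. It decodes captured cookie values (URL-encoded or unpadded), checks for the stream header, and reads the outermost class name straight from the TC_OBJECT/TC_CLASSDESC bytes without ever deserializing anything. The header and type-code constants are those of java.io.ObjectStreamConstants; the class name com.example.SessionToken and every cookie value are constructed for the demonstration and are not the real Introscope cookie.

```python
import base64
import binascii
import struct
from typing import Optional
from urllib.parse import quote, unquote

# Header and type codes from java.io.ObjectStreamConstants.
STREAM_HEADER = b"\xac\xed\x00\x05"   # STREAM_MAGIC + STREAM_VERSION
TC_OBJECT, TC_CLASSDESC, TC_STRING = 0x73, 0x72, 0x74
TC_ENDBLOCKDATA, TC_NULL = 0x78, 0x70
SC_SERIALIZABLE = 0x02


def decode_cookie_value(value: str) -> Optional[bytes]:
    """URL-decode, then base64-decode a cookie value.

    Cookies are often URL-encoded ('=' -> '%3D') and sometimes stripped of
    padding, so both are tolerated. Returns None if the value is not base64.
    """
    raw = unquote(value).strip()
    raw += "=" * (-len(raw) % 4)
    try:
        return base64.b64decode(raw, validate=True)
    except (binascii.Error, ValueError):
        return None


def is_java_serialized(blob: bytes) -> bool:
    """True if the bytes begin with the Java serialization stream header.
    Base64 of that header is 'rO0AB', which is the 'rO0' tell-tale."""
    return blob.startswith(STREAM_HEADER)


def top_level_class(blob: bytes) -> Optional[str]:
    """Name of the outermost serialized class, without deserializing anything.

    Handles the two common top-level shapes: TC_OBJECT followed by an inline
    TC_CLASSDESC (class name is a modified-UTF-8 string with a 2-byte
    big-endian length), and a bare TC_STRING.
    """
    if not is_java_serialized(blob) or len(blob) < 6:
        return None
    if blob[4] == TC_STRING:
        return "java.lang.String"
    if blob[4] != TC_OBJECT or blob[5] != TC_CLASSDESC:
        return None
    if len(blob) < 8:
        return None  # truncated before the class-name length
    (n,) = struct.unpack(">H", blob[6:8])
    name = blob[8:8 + n]
    if len(name) != n:
        return None  # truncated inside the class name
    return name.decode("utf-8", errors="replace")


def inspect_cookie(value: str) -> dict:
    """Classify one cookie value: does it carry a serialized Java object, and of which class?"""
    blob = decode_cookie_value(value)
    if blob is None:
        return {"java_serialized": False, "class": None}
    return {"java_serialized": is_java_serialized(blob), "class": top_level_class(blob)}


def build_sample_object(class_name: str) -> bytes:
    """Constructed test input: a minimal serialized object of a made-up class
    with no fields and no superclass. Not a real Introscope cookie."""
    name = class_name.encode("utf-8")
    return (STREAM_HEADER
            + bytes([TC_OBJECT, TC_CLASSDESC])
            + struct.pack(">H", len(name)) + name
            + b"\x00" * 8                          # serialVersionUID (placeholder)
            + bytes([SC_SERIALIZABLE])             # classDescFlags
            + b"\x00\x00"                          # field count: 0
            + bytes([TC_ENDBLOCKDATA, TC_NULL]))   # no class annotations, no superclass


# Constructed samples: a hypothetical class name (not the real one) and benign cookies.
SAMPLE_COOKIE = base64.b64encode(build_sample_object("com.example.SessionToken")).decode()
SAMPLE_COOKIE_URLENCODED = quote(SAMPLE_COOKIE, safe="")
SAMPLE_STRING_COOKIE = base64.b64encode(STREAM_HEADER + bytes([TC_STRING]) + b"\x00\x05hello").decode()
BENIGN_COOKIES = ["3F2504E04F8911D39A0C0305E82C3301",      # hex session id
                  "dGhpcyBpcyBub3Qgc2VyaWFsaXplZA"]        # unpadded base64 of plain text

if __name__ == "__main__":
    for c in [SAMPLE_COOKIE, SAMPLE_COOKIE_URLENCODED, SAMPLE_STRING_COOKIE] + BENIGN_COOKIES:
        print(c[:24].ljust(26), inspect_cookie(c))
```

Run it against cookie values pulled from a proxy capture or Set-Cookie headers; any hit with java_serialized set is a cookie the server will feed to ObjectInputStream, which is exactly the condition the advisory describes. The reading side is deliberately a byte-level parser and not a deserializer, so a gadget-chain payload cannot fire inside the triage tool. On the server side the durable fix is to stop carrying objects in cookies at all (an opaque random session id or a signed token), and, where deserialization cannot be removed, to install an ObjectInputFilter allowlist (JEP 290, Java 9 and later Java 8 updates) so only the expected class can be instantiated.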

Recent Articles

It's 2020 and a rogue ICMPv6 network packet can pwn your Microsoft Windows machine
The Register • Thomas Claburn in San Francisco • 13 Oct 2020

Redmond urges folks to apply update ASAP – plus more fixes for Outlook and software from Adobe, Intel, SAP, Red Hat

Related: The seven deadly sins letting hackers hijack America's govt networks: These unpatched bugs leave systems open

Patch Tuesday: Microsoft's Update Tuesday patch dump for October 2020 has delivered security patches that attempt to address 87 CVEs for a dozen Redmond products. Nadella's security crew has identified 22 remote code execution (RCE) CVEs, though the most worrisome looks like CVE-2020-16898, Windows TCP/IP RCE, which is rated 9.8 out of 10 in severity. It affects Windows desktop and server systems. According to Microsoft, the Windows TCP/IP stack doesn't properly handle ICMPv6 Router Advertisement pac...