Due to missing authentication and input sanitization of code the EventLogServiceCollector of SAP Diagnostics Agent - version 720, allows an malicious user to execute malicious scripts on all connected Diagnostics Agents running on Windows. On successful exploitation, the attacker can completely compromise confidentiality, integrity and availability of the system.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap diagnostics_agent 720 |