Main Vulnerability Database Exploits ID:5388 - Exploit for Missing Authentication for Critical Function in SAP Solution Manager - CVE-2020-6207

ID:5388 - Exploit for Missing Authentication for Critical Function in SAP Solution Manager - CVE-2020-6207

Published: May 9, 2021

Vulnerability identifier: #VU49919

Vulnerability risk: High

CVE-ID: CVE-2020-6207

CWE-ID: CWE-306

Exploitation vector: Remote access

Vulnerable software:
SAP Solution Manager

Link to public exploit:

https://www.rapid7.com/db/modules/auxiliary/admin/sap/cve_2020_6207_solman_rce

Vulnerability description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to absent authentication checks within the User Experience Monitoring component. A remote non-authenticated attacker can compromise all SMDAgents connected to the Solution Manager.

Remediation

Install updates from vendor's website.

ID:5388 - Exploit for Missing Authentication for Critical Function in SAP Solution Manager - CVE-2020-6207

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human