CVEブラウザに戻る

CVE-2020-6191

HIGH

7.2

CVSS Severity Score

EPSS Score0.0730%

EPSS Percentile43.59th

Published2020年2月12日

Last Modified2024年11月21日

Vulnerability Description

SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious executables with root privileges in SAP Host Agent via SAP Landscape Management due to Missing Input Validation.

Affected Platforms (CPE)

📦

Sap

Landscape Management

= 3.0

References & Advisories

🔗 https://launchpad.support.sap.com/#/notes/2878030

🔗 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812

🔗 https://launchpad.support.sap.com/#/notes/2878030

🔗 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812

関連する脆弱性情報

CVE-2019-02497.5

Under certain conditions SAP Landscape Management (VCM 3.0) allows an attacker to access information which would otherwise be rest...

CVE-2020-61927.2

SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious commands with root privileges...

CVE-2020-62367.2

SAP Landscape Management, version 3.0, and SAP Adaptive Extensions, version 1.0, allows an attacker with admin_group privileges to...

CVE-2019-03804.9

Under certain conditions, SAP Landscape Management enterprise edition, before version 3.0, allows custom secure parameters’ defaul...