daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2020-6207.yaml

patch-1
Sandeep Singh 2021-07-26 18:26:19 +05:30 committed by GitHub
parent 8938010a7a
commit 8130cd2c3b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cves/2020/CVE-2020-6207.yaml
View File

@ -4,7 +4,7 @@ info:
name: SAP Solution Manager remote unauthorized OS commands execution
author: _generic_human_
severity: critical
tags: cve,sap,solman,rce
tags: cve,cve2020,sap,solman,rce
description: |
SAP Solution Manager (SolMan) running version 7.2 has CVE-2020-6207 vulnerability within the SAP EEM servlet (tc~smd~agent~application~eem). The vulnerability occurs due to missing authentication checks when submitting SOAP requests to the /EemAdminService/EemAdmin page to get information about connected SMDAgents, send HTTP request (SSRF), and execute OS commands on connected SMDAgent.
reference: