Update CVE-2020-6207.yaml
parent
8938010a7a
commit
8130cd2c3b
|
@ -4,7 +4,7 @@ info:
|
|||
name: SAP Solution Manager remote unauthorized OS commands execution
|
||||
author: _generic_human_
|
||||
severity: critical
|
||||
tags: cve,sap,solman,rce
|
||||
tags: cve,cve2020,sap,solman,rce
|
||||
description: |
|
||||
SAP Solution Manager (SolMan) running version 7.2 has CVE-2020-6207 vulnerability within the SAP EEM servlet (tc~smd~agent~application~eem). The vulnerability occurs due to missing authentication checks when submitting SOAP requests to the /EemAdminService/EemAdmin page to get information about connected SMDAgents, send HTTP request (SSRF), and execute OS commands on connected SMDAgent.
|
||||
reference:
|
||||
|
|
Loading…
Reference in New Issue