VYPR
Unrated severityNVD Advisory· Published Feb 12, 2020· Updated Aug 4, 2024

CVE-2020-6183

CVE-2020-6183

Description

SAP Host Agent, version 7.21, allows an unprivileged user to read the shared memory or write to the shared memory by sending request to the main SAPOSCOL process and receive responses that may contain data read with user root privileges e.g. size of any directory, system hardware and OS details, leading to Missing Authorization Check vulnerability.

Affected products

2
  • SAP/Host Agentllm-fuzzy
    Range: = 7.21
  • SAP SE/SAP Host Agentv5
    Range: = 7.21

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.