Unrated severityCISA KEVNVD Advisory· Published Mar 10, 2020· Updated Oct 21, 2025

CVE-2020-6207

Description

SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check does not perform any authentication for a service resulting in complete compromise of all SMDAgents connected to the Solution Manager.

Affected products

SAP SE/SAP Solution Manager (User Experience Monitoring)v5
Range: < 7.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/161993/SAP-Solution-Manager-7.2-Remote-Command-Execution.htmlmitrex_refsource_MISC
packetstormsecurity.com/files/162083/SAP-SMD-Agent-Unauthenticated-Remote-Code-Execution.htmlmitrex_refsource_MISC
packetstormsecurity.com/files/163168/SAP-Solution-Manager-7.20-Missing-Authorization.htmlmitrex_refsource_MISC
seclists.org/fulldisclosure/2021/Apr/4mitremailing-listx_refsource_FULLDISC
seclists.org/fulldisclosure/2021/Jun/34mitremailing-listx_refsource_FULLDISC
launchpad.support.sap.commitrex_refsource_MISC
wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.075
exploit	0.030
kev	0.120
patch	0.000
ransomware	0.000