VYPR

Diagnostics Agent

by SAP

CVEs (2)

  • CVE-2023-27497Apr 11, 2023
    risk 0.00cvss epss 0.01

    Due to missing authentication and input sanitization of code the EventLogServiceCollector of SAP Diagnostics Agent - version 720, allows an attacker to execute malicious scripts on all connected Diagnostics Agents running on Windows. On successful exploitation, the attacker can…

  • CVE-2023-27267Apr 11, 2023
    risk 0.00cvss epss 0.14

    Due to missing authentication and insufficient input validation, the OSCommand Bridge of SAP Diagnostics Agent - version 720, allows an attacker with deep knowledge of the system to execute scripts on all connected Diagnostics Agents. On successful exploitation, the attacker…