Security News > 2020 > March > Critical Vulnerabilities in SAP Solution Manager Expose Companies to Attacks

Critical Vulnerabilities in SAP Solution Manager Expose Companies to Attacks
2020-03-11 18:06

SAP on Tuesday released 16 security notes and two updates to previously released patches as part of its March 2020 Security Patch Day, with three of the new notes rated hot news.

The most important of the notes address critical missing authorization checks in Solution Manager.

Providing central management for SAP and non-SAP systems, Solution Manager requires the installation of Solution Manager Diagnostic Agent on each host.

The attacker could then exploit other vulnerabilities to potentially gain access to the full SAP landscape.

Due to exploitation not requiring any kind of privileges, the bug is considered critical severity, Onapsis, a firm that specializes in securing Oracle and SAP applications, explains.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/3IBCQCEhqzM/critical-vulnerabilities-sap-solution-manager-expose-companies-attacks

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
SAP 329 25 680 386 113 1204