Security News > 2021 > January > SAP SolMan exploit released for max severity pre-auth flaw

Fully-functional exploit code is now publicly available for a maximum severity pre-auth vulnerability impacting default configurations of an SAP Solution Manager component.

SAP SolMan is an application lifecycle manager deployed in almost all SAP environments and designed to help unify the management of all SAP and non-SAP systems within a single interface.

It can be remotely exploited in low complexity attacks by unauthenticated attackers with access to the SolMan HTTP(s) port, with no user interaction required, which explains its 10/10 CVSS3 severity rating given by SAP. Although the vulnerability was disclosed and patched by SAP in March 2020, this is the first time that public exploit code was released which drastically lowers the skill level needed by attackers to exploit servers unpatched against CVE-2020-6207.

"While exploits are released regularly online, this hasn't been the case for SAP vulnerabilities, for which publicly available exploits have been limited," Onapsis Research Labs, who first spotted the public exploit after being published by a security researcher on GitHub, said in a report published earlier this week.

To fully mitigate attacks attempting to exploit CVE-2020-6207 on their SAP systems, organizations have to apply the security update released by SAP in March 2020.

The security researcher who published the CVE-2020-6207 exploit code on GitHub also released a proof-of-concept exploit for another maximum severity remote code execution vulnerability in the SAP NetWeaver AS JAVA component, discovered and named RECON by Onapsis.

News URL

https://www.bleepingcomputer.com/news/security/sap-solman-exploit-released-for-max-severity-pre-auth-flaw/