Vulnerabilities > SAP > Diagnostics Agent > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-04-11 CVE-2023-27497 Unspecified vulnerability in SAP Diagnostics Agent 720
Due to missing authentication and input sanitization of code the EventLogServiceCollector of SAP Diagnostics Agent - version 720, allows an attacker to execute malicious scripts on all connected Diagnostics Agents running on Windows.
network
low complexity
sap
critical
9.8
2019-07-10 CVE-2019-0330 Code Injection vulnerability in SAP Diagnostics Agent 7.20
The OS Command Plugin in the transaction GPA_ADMIN and the OSCommand Console of SAP Diagnostic Agent (LM-Service), version 7.2, allow an attacker to inject code that can be executed by the application.
network
low complexity
sap CWE-94
critical
9.1