Vulnerabilities > SAP > Diagnostics Agent > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-11 | CVE-2023-27497 | Missing Authentication for Critical Function vulnerability in SAP Diagnostics Agent 720 Due to missing authentication and input sanitization of code the EventLogServiceCollector of SAP Diagnostics Agent - version 720, allows an attacker to execute malicious scripts on all connected Diagnostics Agents running on Windows. | 9.8 |
| 2019-07-10 | CVE-2019-0330 | Code Injection vulnerability in SAP Diagnostics Agent 7.20 The OS Command Plugin in the transaction GPA_ADMIN and the OSCommand Console of SAP Diagnostic Agent (LM-Service), version 7.2, allow an attacker to inject code that can be executed by the application. | 9.1 |