Vulnerabilities > SAP > Introscope Enterprise Manager

DATE CVE VULNERABILITY TITLE RISK
2020-10-15 CVE-2020-6364 OS Command Injection vulnerability in SAP Introscope Enterprise Manager
SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an attacker to modify a cookie in a way that OS commands can be executed and potentially gain control over the host running the CA Introscope Enterprise Manager,leading to Code Injection.
network
low complexity
sap CWE-78
critical
10.0