Vulnerabilities > SAP > Solution Manager > 720
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-12 | CVE-2023-49587 | Command Injection vulnerability in SAP Solution Manager 720 SAP Solution Manager - version 720, allows an authorized attacker to execute certain deprecated function modules which can read or modify data of same or other component without user interaction over the network. | 6.4 |
| 2023-02-14 | CVE-2023-0024 | Unspecified vulnerability in SAP Solution Manager 720 SAP Solution Manager (BSP Application) - version 720, allows an authenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information or craft a payload which may restrict access to the desired resources, resulting in Cross-Site Scripting vulnerability. | 5.4 |
| 2023-02-14 | CVE-2023-0025 | Unspecified vulnerability in SAP Solution Manager 720 SAP Solution Manager (BSP Application) - version 720, allows an authenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information or craft a payload which may restrict access to the desired resources. | 5.4 |
| 2023-02-14 | CVE-2023-23852 | Unspecified vulnerability in SAP Solution Manager 720 SAP Solution Manager (System Monitoring) - version 720, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. | 6.1 |
| 2023-02-14 | CVE-2023-23855 | Unspecified vulnerability in SAP Solution Manager 720 SAP Solution Manager - version 720, allows an authenticated attacker to redirect users to a malicious site due to insufficient URL validation. | 5.4 |