Vulnerabilities > SAP > Solution Manager > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-11 | CVE-2023-36921 | Improper Encoding or Escaping of Output vulnerability in SAP Solution Manager 7.20 SAP Solution Manager (Diagnostics agent) - version 7.20, allows an attacker to tamper with headers in a client request. | 7.2 |
| 2023-07-11 | CVE-2023-36925 | Server-Side Request Forgery (SSRF) vulnerability in SAP Solution Manager 7.20 SAP Solution Manager (Diagnostics agent) - version 7.20, allows an unauthenticated attacker to blindly execute HTTP requests. | 7.2 |
| 2020-03-10 | CVE-2020-6198 | Improper Authentication vulnerability in SAP Solution Manager 7.20 SAP Solution Manager (Diagnostics Agent), version 720, allows unencrypted connections from unauthenticated sources. | 7.5 |
| 2014-07-31 | CVE-2014-5175 | Improper Authentication vulnerability in SAP Solution Manager 7.1 The License Measurement servlet in SAP Solution Manager 7.1 allows remote attackers to bypass authentication via unspecified vectors, related to a verb tampering attack and SAP_JTECHS. | 7.5 |
| 2014-04-10 | CVE-2013-7363 | Unspecified vulnerability in SAP Solution Manager Unspecified vulnerability in the Diagnostics (SMD) agent in SAP Solution Manager allows remote attackers to obtain sensitive information, modify the configuration of applications, and install or remove applications via vectors involving the P4 protocol. | 7.5 |