Vulnerabilities > SAP > Solution Manager > High

DATE CVE VULNERABILITY TITLE RISK
2023-07-11 CVE-2023-36921 Improper Encoding or Escaping of Output vulnerability in SAP Solution Manager 7.20
SAP Solution Manager (Diagnostics agent) - version 7.20, allows an attacker to tamper with headers in a client request.
network
low complexity
sap CWE-116
7.2
2023-07-11 CVE-2023-36925 Server-Side Request Forgery (SSRF) vulnerability in SAP Solution Manager 7.20
SAP Solution Manager (Diagnostics agent) - version 7.20, allows an unauthenticated attacker to blindly execute HTTP requests.
network
low complexity
sap CWE-918
7.2
2020-03-10 CVE-2020-6198 Improper Authentication vulnerability in SAP Solution Manager 7.20
SAP Solution Manager (Diagnostics Agent), version 720, allows unencrypted connections from unauthenticated sources.
network
low complexity
sap CWE-287
7.5
2014-07-31 CVE-2014-5175 Improper Authentication vulnerability in SAP Solution Manager 7.1
The License Measurement servlet in SAP Solution Manager 7.1 allows remote attackers to bypass authentication via unspecified vectors, related to a verb tampering attack and SAP_JTECHS.
network
low complexity
sap CWE-287
7.5
2014-04-10 CVE-2013-7363 Unspecified vulnerability in SAP Solution Manager
Unspecified vulnerability in the Diagnostics (SMD) agent in SAP Solution Manager allows remote attackers to obtain sensitive information, modify the configuration of applications, and install or remove applications via vectors involving the P4 protocol.
network
low complexity
sap
7.5