Description
The Diagnostics Agent allows P4 connections from unauthenticated sources to an insecure Server port. This allows an attacker to control all remote functions on the Agent. As a result:
- Sensitive Data stored in the configuration can be accessed by attackers,
- Commands can be executed with the permissions of the <SID>adm user of the Agent; this includes modification of sensitive data,
- The Agent can be shut down, disabling the monitoring and causing it to be unavailable.
Available fix and Supported packages
- LM-SERVICE | 7.20 | 7.20
- SOLMANDIAG 720 | SP004 | 000011
- SOLMANDIAG 720 | SP005 | 000012
- SOLMANDIAG 720 | SP006 | 000013
- SOLMANDIAG 720 | SP007 | 000019
- SOLMANDIAG 720 | SP008 | 000015
- SOLMANDIAG 720 | SP009 | 000007
- SOLMANDIAG 720 | SP010 | 000001
Affected component
- SV-SMG-DIA-SRV-AGT
Agent Framework
CVSS
Score: 9.8
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/2845377