Description
An attacker with Host Agent admin privileges may use the SAP Host Agent’s Operation Framework to gain root privileges over the underlying operating system.
Available fix and Supported packages
- SAPHOSTAGENT | 7.21 | 7.21
- SAP HOST AGENT 7.21 | SP046 | 000000
Affected component
- BC-CCM-HAG
Host Agent
CVSS
Score: 7.2
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/2902645