Skip links

CVE-2020-6198 Missing Authentication check in SAP Solution Manager (Diagnostics Agent), SAP security note 2845377

Description

The Diagnostics Agent allows P4 connections from unauthenticated sources to an insecure Server port. This allows an attacker to control all remote functions on the Agent. As a result:

  • Sensitive Data stored in the configuration can be accessed by attackers,
  • Commands can be executed with the permissions of the <SID>adm user of the Agent; this includes modification of sensitive data,
  • The Agent can be shut down, disabling the monitoring and causing it to be unavailable.

Available fix and Supported packages

  • LM-SERVICE | 7.20 | 7.20
  • SOLMANDIAG 720 | SP004 | 000011
  • SOLMANDIAG 720 | SP005 | 000012
  • SOLMANDIAG 720 | SP006 | 000013
  • SOLMANDIAG 720 | SP007 | 000019
  • SOLMANDIAG 720 | SP008 | 000015
  • SOLMANDIAG 720 | SP009 | 000007
  • SOLMANDIAG 720 | SP010 | 000001

Affected component

    SV-SMG-DIA-SRV-AGT
    Agent Framework

CVSS

Score: 9.8
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/2845377

TAGS

#broken-authentication
#p4-server-port
#p4s
#CVE-2020-6198