CVE-2022-28774
- EPSS 0.05%
- Veröffentlicht 11.05.2022 15:15:09
- Zuletzt bearbeitet 21.11.2024 06:57:54
Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be restricted.
CVE-2020-6234
- EPSS 0.71%
- Veröffentlicht 14.04.2020 19:15:18
- Zuletzt bearbeitet 21.11.2024 05:35:21
SAP Host Agent, version 7.21, allows an attacker with admin privileges to use the operation framework to gain root privileges over the underlying operating system, leading to Privilege Escalation.
CVE-2020-6186
- EPSS 0.51%
- Veröffentlicht 12.02.2020 20:15:14
- Zuletzt bearbeitet 21.11.2024 05:35:15
SAP Host Agent, version 7.21, allows an attacker to cause a slowdown in processing of username/password-based authentication requests of the SAP Host Agent, leading to Denial of Service.
CVE-2020-6183
- EPSS 0.25%
- Veröffentlicht 12.02.2020 20:15:13
- Zuletzt bearbeitet 21.11.2024 05:35:15
SAP Host Agent, version 7.21, allows an unprivileged user to read the shared memory or write to the shared memory by sending request to the main SAPOSCOL process and receive responses that may contain data read with user root privileges e.g. size of ...
CVE-2017-15297
- EPSS 2.63%
- Veröffentlicht 16.10.2017 16:29:01
- Zuletzt bearbeitet 20.04.2025 01:37:25
SAP Hostcontrol does not require authentication for the SOAP SAPControl endpoint. This is SAP Security Note 2442993.