CVE-2023-36925

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Jul 11, 2023
Updated: Jul 18, 2023
CWE ID 918

Summary

CVE-2023-36925 is a vulnerability affecting the Diagnostics agent in SAP Solution Manager version 7.20. This issue permits unauthenticated attackers to execute HTTP requests blindly. The exploitation of this vulnerability can result in a limited impact on the application's confidentiality and availability. Additionally, since the Diagnostics Agent can reach other applications, these applications may also be affected.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • SAP Solution Manager

Affected Vendors

  • SAP SE