CVE-2020-6234
7.2
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
SAP Host Agent, version 7.21, allows an attacker with admin privileges to use the operation framework to gain root privileges over the underlying operating system, leading to Privilege Escalation.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP SE | SAP Host Agent | < 7.21 | affected |
Weaknesses
- Privilege Escalation
ADP Enrichment
CVE Program Container
Additional References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202
- https://launchpad.support.sap.com/#/notes/2902645
- http://seclists.org/fulldisclosure/2021/Apr/5
- http://packetstormsecurity.com/files/162084/SAP-Host-Control-Local-Privilege-Escalation.html
References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202
- https://launchpad.support.sap.com/#/notes/2902645
- http://seclists.org/fulldisclosure/2021/Apr/5
- http://packetstormsecurity.com/files/162084/SAP-Host-Control-Local-Privilege-Escalation.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.