SAP Host Agent, version 7.21, allows an attacker with admin privileges to use the operation framework to gain root privileges over the underlying operating system, leading to Privilege Escalation.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/162084/SAP-Host-Control-Local-Privilege-Escalation.html | Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2021/Apr/5 | Mailing List Third Party Advisory |
https://launchpad.support.sap.com/#/notes/2902645 | Permissions Required Vendor Advisory |
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202 | Vendor Advisory |
http://packetstormsecurity.com/files/162084/SAP-Host-Control-Local-Privilege-Escalation.html | Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2021/Apr/5 | Mailing List Third Party Advisory |
https://launchpad.support.sap.com/#/notes/2902645 | Permissions Required Vendor Advisory |
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202 | Vendor Advisory |
Configurations
History
21 Nov 2024, 05:35
Type | Values Removed | Values Added |
---|---|---|
References | () http://packetstormsecurity.com/files/162084/SAP-Host-Control-Local-Privilege-Escalation.html - Third Party Advisory, VDB Entry | |
References | () http://seclists.org/fulldisclosure/2021/Apr/5 - Mailing List, Third Party Advisory | |
References | () https://launchpad.support.sap.com/#/notes/2902645 - Permissions Required, Vendor Advisory | |
References | () https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202 - Vendor Advisory |
Information
Published : 2020-04-14 19:15
Updated : 2024-11-21 05:35
NVD link : CVE-2020-6234
Mitre link : CVE-2020-6234
CVE.ORG link : CVE-2020-6234
JSON object : View
Products Affected
sap
- host_agent
CWE