CVE-2020-6271

HIGH

SAP Solution Manager <7.2 - Memory Corruption

Title source: llm

Description

SAP Solution Manager (Problem Context Manager), version 7.2, does not perform the necessary authentication, allowing an attacker to consume large amounts of memory, causing the system to crash and read restricted data (files visible for technical administration users of the diagnostics agent).

References (2)

[Vendor Advisory] https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775

[Permissions Required] https://launchpad.support.sap.com/#/notes/2931391

Scores

CVSS v3 8.2

EPSS 0.0053

EPSS Percentile 67.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Details

CWE

CWE-91

Status published

Products (1)

sap/solution_manager 7.2

Published Jun 10, 2020

Tracked Since Feb 18, 2026