Lucene search

[email protected]CVE-2020-6364

HistoryOct 15, 2020 - 2:15 a.m.

CVE-2020-6364

2020-10-1502:15:12

CWE-78

[email protected]

web.nvd.nist.gov

sap

solution manager

focused run

vulnerability

code injection

cookie modification

os commands

ca introscope enterprise manager

nvd

cve-2020-6364

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.7%

JSON

SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an attacker to modify a cookie in a way that OS commands can be executed and potentially gain control over the host running the CA Introscope Enterprise Manager,leading to Code Injection. With this, the attacker is able to read and modify all system files and also impact system availability.

Affected configurations

NVD

Node

sapintroscope_enterprise_managerMatch9.7

sapintroscope_enterprise_managerMatch10.1

sapintroscope_enterprise_managerMatch10.5

sapintroscope_enterprise_managerMatch10.7

CPENameOperatorVersion
sap:introscope_enterprise_managersap introscope enterprise managereq9.7
sap:introscope_enterprise_managersap introscope enterprise managereq10.1
sap:introscope_enterprise_managersap introscope enterprise managereq10.5
sap:introscope_enterprise_managersap introscope enterprise managereq10.7

CPE	Name	Operator	Version
sap:introscope_enterprise_manager	sap introscope enterprise manager	eq	9.7
sap:introscope_enterprise_manager	sap introscope enterprise manager	eq	10.1
sap:introscope_enterprise_manager	sap introscope enterprise manager	eq	10.5
sap:introscope_enterprise_manager	sap introscope enterprise manager	eq	10.7

CNA Affected

[
  {
    "product": "SAP Solution Manager (CA Introscope Enterprise Manager) and SAP Focused Run (CA Introscope Enterprise Manager)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< WILY_INTRO_ENTERPRISE 9.7"
      },
      {
        "status": "affected",
        "version": "< 10.1"
      },
      {
        "status": "affected",
        "version": "< 10.5"
      },
      {
        "status": "affected",
        "version": "< 10.7"
      }
    ]
  }
]

References

packetstormsecurity.com/files/163153/SAP-Wily-Introscope-Enterprise-OS-Command-Injection.html

seclists.org/fulldisclosure/2021/Jun/28

launchpad.support.sap.com/#/notes/2969828

wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.7%

JSON

Related for CVE-2020-6364

attackerkb1 cisa1 nvd1 prion1 cvelist1