Skip to main content

Introscope Enterprise Manager

2 CVEs product

Monthly

CVE-2026-0500 CRITICAL PATCH Act Now

SAP Wily Introscope Enterprise Manager uses a vulnerable third-party component that allows unauthenticated attackers to create malicious JNLP files at public URLs. Victims who click these URLs execute OS commands on their machines. Scope change. Patch available.

SAP Java Command Injection Introscope Enterprise Manager
NVD
CVSS 3.1
9.6
EPSS
0.1%
CVE-2020-6364 CRITICAL Act Now

SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an attacker to modify a cookie in a way that OS commands can be executed and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Command Injection Introscope Enterprise Manager
NVD
CVSS 3.1
10.0
EPSS
6.4%
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

SAP Wily Introscope Enterprise Manager uses a vulnerable third-party component that allows unauthenticated attackers to create malicious JNLP files at public URLs. Victims who click these URLs execute OS commands on their machines. Scope change. Patch available.

SAP Java Command Injection +1
NVD
EPSS 6% CVSS 10.0
CRITICAL Act Now

SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an attacker to modify a cookie in a way that OS commands can be executed and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Command Injection Introscope Enterprise Manager
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy