Skip to main content

Landscape Management

8 CVEs product

Monthly

CVE-2024-39593 MEDIUM This Month

SAP Landscape Management allows an authenticated user to read confidential data disclosed by the REST Provider Definition response. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP Landscape Management
NVD
CVSS 3.1
5.7
EPSS
0.3%
CVE-2023-26458 HIGH This Week

An information disclosure vulnerability exists in SAP Landscape Management - version 3.0, enterprise edition. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Java Information Disclosure Landscape Management
NVD
CVSS 3.1
8.7
EPSS
0.6%
CVE-2020-6236 HIGH This Week

SAP Landscape Management, version 3.0, and SAP Adaptive Extensions, version 1.0, allows an attacker with admin_group privileges to change ownership and permissions (including S-user ID bit s-bit) of. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation SAP Adaptive Extensions Landscape Management
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2020-6192 HIGH This Week

SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious commands with root privileges in SAP Host Agent via SAP Landscape Management. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure Landscape Management
NVD
CVSS 3.1
7.2
EPSS
1.7%
CVE-2020-6191 HIGH This Week

SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious executables with root privileges in SAP Host Agent via SAP Landscape Management due to Missing. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure Landscape Management
NVD
CVSS 3.1
7.2
EPSS
1.6%
CVE-2019-0380 MEDIUM This Month

Under certain conditions, SAP Landscape Management enterprise edition, before version 3.0, allows custom secure parameters’ default values to be part of the application logs leading to Information. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP Landscape Management
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2019-0261 CRITICAL Act Now

Under certain circumstances, SAP HANA Extended Application Services, advanced model (XS advanced) does not perform authentication checks properly for XS advanced platform and business users. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass SAP Landscape Management
NVD
CVSS 3.0
9.8
EPSS
3.6%
CVE-2019-0249 HIGH This Week

Under certain conditions SAP Landscape Management (VCM 3.0) allows an attacker to access information which would otherwise be restricted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SAP Landscape Management
NVD
CVSS 3.0
7.5
EPSS
1.7%
EPSS 0% CVSS 5.7
MEDIUM This Month

SAP Landscape Management allows an authenticated user to read confidential data disclosed by the REST Provider Definition response. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP Landscape Management
NVD
EPSS 1% CVSS 8.7
HIGH This Week

An information disclosure vulnerability exists in SAP Landscape Management - version 3.0, enterprise edition. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Java Information Disclosure +1
NVD
EPSS 1% CVSS 7.2
HIGH This Week

SAP Landscape Management, version 3.0, and SAP Adaptive Extensions, version 1.0, allows an attacker with admin_group privileges to change ownership and permissions (including S-user ID bit s-bit) of. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation SAP Adaptive Extensions +1
NVD
EPSS 2% CVSS 7.2
HIGH This Week

SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious commands with root privileges in SAP Host Agent via SAP Landscape Management. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure Landscape Management
NVD
EPSS 2% CVSS 7.2
HIGH This Week

SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious executables with root privileges in SAP Host Agent via SAP Landscape Management due to Missing. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure Landscape Management
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Under certain conditions, SAP Landscape Management enterprise edition, before version 3.0, allows custom secure parameters’ default values to be part of the application logs leading to Information. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP Landscape Management
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

Under certain circumstances, SAP HANA Extended Application Services, advanced model (XS advanced) does not perform authentication checks properly for XS advanced platform and business users. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass SAP Landscape Management
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Under certain conditions SAP Landscape Management (VCM 3.0) allows an attacker to access information which would otherwise be restricted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SAP Landscape Management
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy