SAP Landscape Management 3.0 Vulnerability: Privilege Escalation via Missing Input Validation

SAP Landscape Management 3.0 Vulnerability: Privilege Escalation via Missing Input Validation

CVE-2020-6191 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious executables with root privileges in SAP Host Agent via SAP Landscape Management due to Missing Input Validation.

Learn more about our Web Application Penetration Testing UK.