Missing Authentication Check in SAP Solution Manager (Diagnostics Agent) 720: Allowing Unencrypted Connections from Unauthenticated Sources
CVE-2020-6198 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
SAP Solution Manager (Diagnostics Agent), version 720, allows unencrypted connections from unauthenticated sources. This allows an attacker to control all remote functions on the Agent due to Missing Authentication Check.
Learn more about our Web Application Penetration Testing UK.