PT-2020-19142 · Sap · Sap Focused Run+1
Yvan Genuer
·
Published
2020-10-20
·
Updated
2022-08-22
·
CVE-2020-6369
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
SAP Solution Manager and SAP Focused Run versions 9.7, 10.1, 10.5, 10.7
Description
The issue allows an unauthenticated attacker to bypass authentication if the default passwords for
Admin and Guest have not been changed by the administrator. This may impact the confidentiality of the service.Recommendations
For versions 9.7, 10.1, 10.5, 10.7, update to the version provided in WILY INTRO ENTERPRISE to resolve the issue.
As a temporary workaround, consider changing the default passwords for
Admin and Guest to prevent unauthorized access.Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Sap Focused Run
Sap Solution Manager