Описание
Diagnostics Agent in Solution Manager, version 7.2, stores several credentials such as SLD user connection as well as Solman user communication in the SAP Secure Storage file which is not encrypted by default. By decoding these credentials, an attacker with admin privileges could gain access to the entire configuration, but no system sensitive information can be gained.
Ссылки
- Permissions RequiredVendor Advisory
- Vendor Advisory
- Permissions RequiredVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
EPSS
2.4 Low
CVSS3
2.7 Low
CVSS2
Дефекты
Связанные уязвимости
Diagnostics Agent in Solution Manager, version 7.2, stores several credentials such as SLD user connection as well as Solman user communication in the SAP Secure Storage file which is not encrypted by default. By decoding these credentials, an attacker with admin privileges could gain access to the entire configuration, but no system sensitive information can be gained.
Уязвимость платформы управления программными средами SAP Solution Manager, связанная с недостатками управления регистрационными данными, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
2.4 Low
CVSS3
2.7 Low
CVSS2