Vulnerability Details CVE-2020-6234
SAP Host Agent, version 7.21, allows an attacker with admin privileges to use the operation framework to gain root privileges over the underlying operating system, leading to Privilege Escalation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.3%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 6.5
References
- http://packetstormsecurity.com/files/162084/SAP-Host-Control-Local-Privilege-Escalation.html
- http://seclists.org/fulldisclosure/2021/Apr/5
- https://launchpad.support.sap.com/#/notes/2902645
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202
- http://packetstormsecurity.com/files/162084/SAP-Host-Control-Local-Privilege-Escalation.html
- http://seclists.org/fulldisclosure/2021/Apr/5
- https://launchpad.support.sap.com/#/notes/2902645
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202
Products affected by CVE-2020-6234
-
cpe:2.3:a:sap:host_agent:7.21