// For flags

CVE-2020-6369

 

Severity Score

5.9
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an unauthenticated attackers to bypass the authentication if the default passwords for Admin and Guest have not been changed by the administrator.This may impact the confidentiality of the service.

SAP Solution Manager y SAP Focused Run (actualización provista en WILY_INTRO_ENTERPRISE versiones 9.7, 10.1, 10.5, 10.7), permite a atacantes no autenticados omitir la autenticación si el administrador no ha cambiado las contraseñas predeterminadas para el usuario Admin e Guest. Esto puede afectar la confidencialidad del servicio

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2020-01-08 CVE Reserved
  • 2020-10-20 CVE Published
  • 2024-08-04 CVE Updated
  • 2024-08-09 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Sap
Search vendor "Sap"
Focused Run
Search vendor "Sap" for product "Focused Run"
9.7
Search vendor "Sap" for product "Focused Run" and version "9.7"
-
Affected
Sap
Search vendor "Sap"
Focused Run
Search vendor "Sap" for product "Focused Run"
10.1
Search vendor "Sap" for product "Focused Run" and version "10.1"
-
Affected
Sap
Search vendor "Sap"
Focused Run
Search vendor "Sap" for product "Focused Run"
10.5
Search vendor "Sap" for product "Focused Run" and version "10.5"
-
Affected
Sap
Search vendor "Sap"
Focused Run
Search vendor "Sap" for product "Focused Run"
10.7
Search vendor "Sap" for product "Focused Run" and version "10.7"
-
Affected
Sap
Search vendor "Sap"
Solution Manager
Search vendor "Sap" for product "Solution Manager"
9.7
Search vendor "Sap" for product "Solution Manager" and version "9.7"
-
Affected
Sap
Search vendor "Sap"
Solution Manager
Search vendor "Sap" for product "Solution Manager"
10.1
Search vendor "Sap" for product "Solution Manager" and version "10.1"
-
Affected
Sap
Search vendor "Sap"
Solution Manager
Search vendor "Sap" for product "Solution Manager"
10.5
Search vendor "Sap" for product "Solution Manager" and version "10.5"
-
Affected
Sap
Search vendor "Sap"
Solution Manager
Search vendor "Sap" for product "Solution Manager"
10.7
Search vendor "Sap" for product "Solution Manager" and version "10.7"
-
Affected