CVE-2020-6207
Vexday Risk Score
100 (Fix now)
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
CVSS: 10 · EPSS: 98.4% · KEV: yes · Public PoC: yes · Nuclei: yes · Metasploit: yes · Patch: —
Lifecycle
10 Mar 2020: Published on NVD
03 Oct 2020: Metasploit module available
14 Jan 2021: Public PoC
03 Nov 2021: Active exploitation (CISA KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short
SAP Solution Manager version 7.2 has a service that doesn't require any login or authentication, allowing anyone to take complete control of all connected monitoring agents without needing credentials.
Technical detail
CWE-306 (Missing Authentication Check) in SAP Solution Manager 7.2 User Experience Monitoring allows unauthenticated access to a service, enabling attackers to compromise all SMDAgents connected to the instance. No valid credentials or prior authorization required; remote exploitation possible.
Summary generated and translated by AI from the official description.
SAP Solution Manager (User Experience Monitoring), version 7.2, due to Missing Authentication Check does not perform any authentication for a service resulting in complete compromise of all SMDAgents connected to the Solution Manager.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected products
SAP SE · SAP Solution Manager (User Experience Monitoring)
Public PoCs found: 4
github: github.com/chipik/SAP_EEM_CVE-2020-6207 (★ 82)
cve_reference: packetstormsecurity.com/files/161993/SAP-Solution-Manager-7.2-Remote-Command-Execution.html (unverified)
cve_reference: packetstormsecurity.com/files/162083/SAP-SMD-Agent-Unauthenticated-Remote-Code-Execution.html (unverified)
cve_reference: packetstormsecurity.com/files/163168/SAP-Solution-Manager-7.20-Missing-Authorization.html (unverified)
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://packetstormsecurity.com/files/161993/SAP-Solution-Manager-7.2-Remote-Command-Execution.html
http://packetstormsecurity.com/files/162083/SAP-SMD-Agent-Unauthenticated-Remote-Code-Execution.html
http://packetstormsecurity.com/files/163168/SAP-Solution-Manager-7.20-Missing-Authorization.html
http://seclists.org/fulldisclosure/2021/Apr/4
http://seclists.org/fulldisclosure/2021/Jun/34
https://launchpad.support.sap.com/#/notes/2890213
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-6207