Description
SAP Solution Manager is a product developed by the software company SAP SE.
SAP Solution Manager (User Experience Monitoring), version 7.2, does not perform any authentication for a service (due to a Missing Authentication Check) resulting in complete compromise of all SMDAgents connected to the Solution Manager.
Remediation
Upgrade to the latest version of SAP Solution Manager.
References
Related Vulnerabilities
Java Unspesificed Vulnerability (CVE-2018-3139)
Oracle JRE CVE-2013-5787 Vulnerability (CVE-2013-5787)
Moodle Improper Check for Dropped Privileges Vulnerability (CVE-2019-14879)
WordPress Plugin SP Project & Document Manager SQL Injection (2.5.3)
WordPress Plugin WP Support Plus Responsive Ticket System Multiple Vulnerabilities (4.1)