SAP Sap Solution Manager System 2008 1 700 Remote Code Execution Vulnerability
SAP Solution Manager
Read of RFC destination does not always perform necessary authorization checks, resulting in escalation of privileges to access information on RFC destinations on managed systems and SAP Solution Manager system (ST-PI, before versions 2008_1_700, 2008_1_710, and 740).
The information has been provided by SAP.
The original article can be found at: https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=520259032
SAP Solution Manager is prone to a remote code-execution vulnerability.This allows a remote attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.
- SAP Solution Manager ST-PI 740
- SAP Solution Manager ST-PI 2008_1_710
- SAP Solution Manager ST-PI 2008_1_700