CVE-2020-6364 : SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO

SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an attacker to modify a cookie in a way that OS commands can be executed and potentially gain control over the host running the CA Introscope Enterprise Manager,leading to Code Injection. With this, the attacker is able to read and modify all system files and also impact system availability.

Published 2020-10-15 02:15:13

Updated 2021-06-17 17:22:20

Source SAP SE

View at NVD, CVE.org

Products affected by CVE-2020-6364

SAP » Introscope Enterprise Manager » Version: 9.7
cpe:2.3:a:sap:introscope_enterprise_manager:9.7:*:*:*:*:*:*:*
Matching versions
SAP » Introscope Enterprise Manager » Version: 10.1
cpe:2.3:a:sap:introscope_enterprise_manager:10.1:*:*:*:*:*:*:*
Matching versions
SAP » Introscope Enterprise Manager » Version: 10.5
cpe:2.3:a:sap:introscope_enterprise_manager:10.5:*:*:*:*:*:*:*
Matching versions
SAP » Introscope Enterprise Manager » Version: 10.7
cpe:2.3:a:sap:introscope_enterprise_manager:10.7:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2020-6364

EPSS FAQ

31.92%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 96 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2020-6364

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
10.0	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H	3.9	6.0	SAP SE
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Changed Confidentiality: High Integrity: High Availability: High
10.0	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H	3.9	6.0	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Changed Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2020-6364

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2020-6364

http://seclists.org/fulldisclosure/2021/Jun/28

Full Disclosure: Onapsis Security Advisory 2021-0008: OS Command Injection in CA Introscope Enterprise Manager
Mailing List;Third Party Advisory
http://packetstormsecurity.com/files/163153/SAP-Wily-Introscope-Enterprise-OS-Command-Injection.html

SAP Wily Introscope Enterprise OS Command Injection ≈ Packet Storm
Third Party Advisory
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196

SAP Security Patch Day – October 2020 - Product Security Response at SAP - Community Wiki
Vendor Advisory

CVEs referencing this url
https://launchpad.support.sap.com/#/notes/2969828

SAP ONE Support Launchpad: Log On
Permissions Required;Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2020-6364

Products affected by CVE-2020-6364

Exploit prediction scoring system (EPSS) score for CVE-2020-6364

CVSS scores for CVE-2020-6364

CWE ids for CVE-2020-6364

References for CVE-2020-6364