An authentication vulnerability in SAP Solution Manager can lead to a compromise of other connected SAP applications, researchers say. The authentication flaw exploit, now tracked as CVE-2020-6207, was published on GitHub. Remote actors can exploit this vulnerability to run commands to achieve full privileges. The vulnerability has a CVSSv3 score of 10.0, the highest risk level, the research report says. But wide exploitation of the vulnerability is unlikely because of the complex nature of SAP’s infrastructure, researcher says.”]
Source: https://www.cuinfosecurity.com/researchers-identify-sap-flaw-exploit-a-15829