CVE-2020-6191: Input Validation
First published: Wed Feb 12 2020(Updated: )
SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious executables with root privileges in SAP Host Agent via SAP Landscape Management due to Missing Input Validation.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP Landscape Management | =3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-6191?
CVE-2020-6191 is a vulnerability in SAP Landscape Management version 3.0 that allows an attacker with admin privileges to execute malicious executables with root privileges in SAP Host Agent.
How severe is CVE-2020-6191?
CVE-2020-6191 has a severity rating of 7.2 (critical).
How does CVE-2020-6191 affect SAP Landscape Management?
CVE-2020-6191 affects SAP Landscape Management version 3.0.
What is the CWE number for CVE-2020-6191?
The CWE number for CVE-2020-6191 is 20.
How can I fix CVE-2020-6191?
To fix CVE-2020-6191, it is recommended to apply the necessary patches and updates provided by SAP.
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/weakness
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/sap
- canonical/sap landscape management
- version/sap landscape management/3.0