SAP® and Oracle® Security Advisories
Onapsis Research Labs is the world’s leading team of security experts who combine their deep knowledge of critical ERP applications and decades of threat research experience to deliver impactful security insights and threat intelligence focused on the business-critical applications from SAP, Oracle, and SaaS providers. Onapsis Research Labs is, far and away, the most prolific and most celebrated contributor of vulnerability research by the SAP Product Security Response Team. No other research team comes close.
08/16/2024
Unauthenticated potential RCE in FM_GPCR_OS_COMMAND P4 service
Unauthenticated potential RCE in FM_GPCR_OS_COMMAND P4 service Impact On Business An unauthenticated attacker with access to the P4 port of a SAP Solution Manager java-based instance, could be able to execute OS commands and potentially compromise the targeted system Affected Components Description Tested on following versions: Java Kernel versions: 7.50.3301.472568.20220902101413 7.50.3301.467525.20210601093523 7.50.3301.407179.20200416085516 SERVERCORE/CORE-TOOLS/J2EE-FRMW components…
08/16/2024
Unauthenticated blind SSRF in SmdSapHostAgentBridge
Unauthenticated blind SSRF in SmdSapHostAgentBridge Impact On Business An anonymous attacker with access to the P4 port of the Java instance of a Solution Manager, could force the Diagnostic Agent to perform arbitrary server side requests. As a consequence, internal infrastructure could be affected leveraging the network position. Affected Components Description Tested on following versions:…
08/13/2024
Unauthenticated blind SSRF in SAPGrmgClassicCollector
Unauthenticated blind SSRF in SAPGrmgClassicCollector Impact On Business An anonymous attacker with access to the P4 port of the Java instance of a Solution Manager, could force the Diagnostic Agent to perform arbitrary server side requests. As a consequence, internal infrastructure could be affected leveraging the network position. Affected Components Description Tested on following versions:…
06/14/2021
Denial of Service Vulnerability in SAP SolMan
Impact On Business Any authenticated user of the Solution Manager is able to either perform a Denial of Service or read sensitive information from every SMD Agent connected to the targeted SolMan. Affected Components Description SAP SolMan 7.2 introduces a bunch of web services which run on top of the SAP Java NetWeaver stack. The…
06/14/2021
Missing authorization check in SAP Solution Manager
Impact On Business Due to a missing authorization check in SAP Solution Manager LM-SERVICE component a remote authenticated attacker could be able to execute privileged actions in the affected system, including the execution of operating system commands. Affected Components Description A core component of the SAP Solution Manager, LM-SERVICE is affected by this vulnerability. For…
06/14/2021
SAP Solution Manager Open Redirect from Trace Analysis
Impact On Business Under certain circumstances, an attacker might be able to steal a cookie from the application. It may impact the confidentiality of the service. Affected Components Description SAP Solution Manager 7.2 (Check SAP Note 2938650 for detailed information on affected releases) Vulnerability Details An open redirect vulnerability exists in the application E2E Trace…