Severity: 6.7 MEDIUM
EPSS: 0.1% (top 72.22%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jan 10; latest update Jun 22

Description

In SAP Host Agent (Windows) - versions 7.21, 7.22, an attacker who gains local membership in SAP_LocalAdmin could replace executables with a malicious file that will be started under a privileged account. Note that by default all user members of SAP_LocalAdmin are denied the ability to log on locally by security policy, so this can only occur if the system has already been compromised.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.5 | Impact: 5.9

Affected Packages (2)

CVEListV5: sap/host_agent_(windows) - 7.21, 7.22 (+1 more)
NVD: sap/host_agent - 7.21, 7.22 (+1 more)

Vulnerability Details (2)

GHSA: GHSA-xh7r-hcfv-6wpx: In SAP Host Agent (Windows) - versions 7... (2023-01-10)
CVEList: Local Privilege Escalation in SAP Host Agent (Windows) (2023-01-10)

Vendor Advisories (2)

CISA: VMware Aria Operations for Networks Command Injection Vulnerability (2023-06-22)
VMware: VMware Aria Operations for Networks updates address multiple vulnerabilities. (CVE-2023-20887, CVE-2023-20888, CVE-2023-20889) (2023-06-07)
CVE-2023-0012 (MEDIUM, CVSS 6.7) | cvebase.io