Any authenticated user of the SAP Solution Manager version 7.2 is able to craft, upload, and execute EEM scripts on the SMDAgents affecting its integrity, confidentiality and availability.
bdc7e6c1e337b3a9375a591f67ba31840609fc29cc4d04938ddbb01ed4b453aa
The End-User Experience Monitoring (EEM) application, part of the SAP Solution Manager version 7.2, is vulnerable to path traversal. As a consequence, an unauthorized attacker would be able to read sensitive OS files and affect the availability of the EEM robots connected to the SolMan.
e7df5522b5218db217d73908552d4067a8c0fedc1d3ce58d9455d1d4c14f7d01