New SolMan Exploit in the wild
SAP Solution Manager is an administrative system that provides centralized, real-time monitoring of all SAP enterprise solutions, business processes, and interfaces.
Last week a fully-functional exploit that abuses CVE-2020-6207 vulnerability targeting SAP Solution Manager (SolMan) was published on the web. This vulnerability is rated with a CVSSv3 score of 10.0 (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H), the highest possible score and rated critical. A successful attack exploiting this vulnerability would put an organization’s mission-critical SAP applications, business process, and data at risk impacting cybersecurity and regulatory compliance.
If applicable, please apply the SAP Security Note #2890213, to secure your SOLMAN. For more information on this vulnerability, please check the blog post below from Onapsis research labs.