Cyber Resilience

CVE-2020-6207

Tags: Critical | CISA KEV | Active Exploitation | EUVD Exploited | Public PoC

Published: 10 March 2020
Modified: 31 October 2025
KEV Added: 03 November 2021
Patch
CVSS Score (v3.1): 9.8, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score: 0.9415 (99.9th percentile)
Risk Priority: 96 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2020-6207 is a critical-severity Missing Authentication for Critical Function (CWE-306) vulnerability in SAP Solution Manager. Its CVSS v3.1 base score is 9.8 (Critical).

Operationally, it ranks in the top 0.1% of CVEs by exploit likelihood (EPSS 0.9415); CISA has added it to the Known Exploited Vulnerabilities catalog; and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and IA-9 (Service Identification and Authentication).

Deeper analysis

The User Experience Monitoring component of SAP Solution Manager 7.2 is affected by a missing authentication check, tracked as CVE-2020-6207 and classified as CWE-306 (Missing Authentication for Critical Function). One of the component's services performs no authentication at all, so anyone who can reach it over the network can invoke it, and doing so yields full compromise of every SMDAgent connected to the Solution Manager. The CVSS 3.1 base score of 9.8 reflects a network attack vector, low attack complexity, and no required privileges or user interaction.

An unauthenticated remote attacker who can reach the service therefore gains complete control over every SMDAgent linked to the Solution Manager instance, with loss of confidentiality, integrity, and availability across the monitored environment.

Public exploit code and technical details for this vulnerability have been disclosed in multiple outlets, including Packet Storm and Full Disclosure mailing-list postings from 2021 that demonstrate remote command execution and missing-authorization vectors against the affected SAP components.

Vulnerability details

SAP Solution Manager (User Experience Monitoring), version 7.2, due to a Missing Authentication Check, does not perform any authentication for a service, resulting in complete compromise of all SMDAgents connected to the Solution Manager.

CWE(s): CWE-306 (Missing Authentication for Critical Function)
KEV Date Added: 03 November 2021

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: SAP
Product: Solution Manager
Version: 7.20

Mitigating Controls (NIST 800-53 r5)

AC-3 Access Enforcement (prevent)

Directly enforces authentication and access-control requirements on the exposed UX Monitoring service before any access or commands are permitted to reach SMDAgents.

IA-9 Service Identification and Authentication (prevent)

Requires the Solution Manager service itself to identify and authenticate its callers, eliminating the missing-authentication flaw described by CWE-306.

AC-17 Remote Access (partial match, prevent)

Mandates authentication and authorization for all remote connections to the Solution Manager, blocking unauthenticated network exploitation of the service.
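The flaw described in the deeper analysis above is the CWE-306 pattern: a privileged agent-management service that dispatches requests without ever authenticating the caller. The Python below is an added illustration, not code from SAP or from this page, of that pattern beside the hardening the AC-3 and IA-9 controls above call for. The agent names, the operation names, the "Service" Authorization header format, the shared key and the HMAC token scheme are all assumptions made for the example; none of it reproduces SAP's actual protocol or endpoints.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

# Constructed sample data: two monitoring agents registered with the manager.
AGENTS = {"smdagent-01": "host-a", "smdagent-02": "host-b"}

# Assumed shared secret provisioned to authorised calling services (IA-9).
# A real deployment loads this from a secret store; it is inline only so the
# example runs stand-alone.
SERVICE_KEY = b"example-only-shared-secret"

# AC-3 policy (assumed): which authenticated service identity may call which
# operation. None of these names is an SAP identifier.
ALLOWED = {
    "ux-monitor": {"listAgents"},
    "smd-admin": {"listAgents", "runCommand"},
}


class AuthError(Exception):
    """Raised when a request is rejected before reaching privileged code."""


@dataclass
class Request:
    operation: str                  # "listAgents" or "runCommand"
    agent: str = ""                 # target agent for runCommand
    args: str = ""                  # command line for runCommand
    headers: dict = field(default_factory=dict)


def _execute(req: Request):
    """Privileged agent-management actions. Must only be reached after auth."""
    if req.operation == "listAgents":
        return sorted(AGENTS)
    if req.operation == "runCommand":
        if req.agent not in AGENTS:
            raise KeyError(req.agent)
        return f"executed on {AGENTS[req.agent]}: {req.args}"
    raise ValueError(f"unknown operation {req.operation!r}")


def handle_vulnerable(req: Request):
    """CWE-306: the service dispatches straight to privileged code, so any
    caller who can reach the endpoint controls every registered agent."""
    return _execute(req)


def make_service_token(key: bytes, service_id: str, nonce: str = "") -> str:
    """Caller side: bind the service identity to a nonce under the shared key."""
    nonce = nonce or secrets.token_hex(8)
    mac = hmac.new(key, f"{service_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    return f"{service_id}:{nonce}:{mac}"


def authenticate(headers: dict, key: bytes):
    """IA-9: return the verified service identity, or None if the caller did
    not present a valid token. Missing, malformed and forged tokens fail closed."""
    token = headers.get("Authorization", "")
    if not token.startswith("Service "):
        return None
    parts = token[len("Service "):].split(":")
    if len(parts) != 3:
        return None
    service_id, nonce, mac = parts
    expected = hmac.new(key, f"{service_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac, expected):
        return None
    return service_id


def handle_hardened(req: Request, key: bytes = SERVICE_KEY):
    """Same service with the missing checks restored: authenticate first
    (IA-9), then enforce the per-operation policy (AC-3), then execute."""
    service_id = authenticate(req.headers, key)
    if service_id is None:
        raise AuthError("authentication required")                   # HTTP 401
    if req.operation not in ALLOWED.get(service_id, set()):
        raise AuthError(f"{service_id} may not call {req.operation}")  # HTTP 403
    return _execute(req)


if __name__ == "__main__":
    attack = Request("runCommand", "smdagent-01", "id")
    print("vulnerable:", handle_vulnerable(attack))      # attacker succeeds
    try:
        handle_hardened(attack)
    except AuthError as exc:
        print("hardened:", exc)                           # rejected
    attack.headers["Authorization"] = "Service " + make_service_token(SERVICE_KEY, "smd-admin")
    print("hardened, authenticated admin:", handle_hardened(attack))
```

The point of the split is that the check sits in front of every operation, not inside one of them: `handle_vulnerable` and `handle_hardened` share the same privileged `_execute`, and only the second one asks who is calling. The token here proves identity but not freshness, so a production service would also bind an expiry or track nonces to stop replay, and would carry the exchange over TLS; the AC-17 control above is the complementary network-side measure of not exposing the service to untrusted networks at all while the patch is being applied.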

References