CVE-2020-6183

Name: CVE-2020-6183
Creator: NVD / NIST
Published: 2020-02-12T20:15:13.887+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 6.5/10EPSS 0.69%

Last modified Jun 17, 2026

CVE-2020-6183 is a medium-severity vulnerability rated 6.5/10 on the CVSS scale. SAP Host Agent, version 7.21, allows an unprivileged user to read the shared memory or write to the shared memory by sending request to the main SAPOSCOL process and receive responses that may contain data read with user root privileges e.g. size of any directory, system hardware and OS details, leading to Missing Authorization Check vulnerability.. EPSS estimates a 0.69% chance of exploitation in the next 30 days.

Description

SAP Host Agent, version 7.21, allows an unprivileged user to read the shared memory or write to the shared memory by sending request to the main SAPOSCOL process and receive responses that may contain data read with user root privileges e.g. size of any directory, system hardware and OS details, leading to Missing Authorization Check vulnerability.

Metrics

CVSS 3.1

6.5/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

EPSS Probability

0.69%

48.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-862

Affected Software

Vendor	Product	Versions
Sap	Host Agent	7.21

References

https://launchpad.support.sap.com/#/notes/2836445Permissions Required, Vendor Advisory
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812Vendor Advisory
https://launchpad.support.sap.com/#/notes/2836445Permissions Required, Vendor Advisory
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812Vendor Advisory

Timeline

Published: Feb 12, 2020
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2020-6183?

How severe is CVE-2020-6183?

CVE-2020-6183 has a CVSS score of 6.5/10 (MEDIUM severity). The EPSS model estimates a 0.69% probability of exploitation in the next 30 days.

How do I fix CVE-2020-6183?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-6183?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST