CVE-2020-6207

9.8
CRITICALCVSS v3.1 Base Score
94.15%
HIGH RiskEPSS (100th percentile)
CWE-306

SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check does not perform any authentication for a service resulting in complete compromise of all SMDAgents connected to the Solution Manager.

Published: 3/10/2020
Modified: 10/31/2025
Back to CVE Lookup

Vulnerability Summary

CVSS v3 Score

9.8CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2 Score

10

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS Score (Exploitation Probability)

94.15%HIGH Exploitation Risk
100th percentile

This vulnerability has a 94.15% probability of being exploited in the next 30 days, ranking higher than 100% of all scored CVEs.

CWE Classification

CWE-306

Learn More

CVSS Calculator

View this score breakdown or calculate a custom score

Understanding CVSS Scoring

Learn how severity scores are calculated and what they mean

CVE Prioritization Guide

Best practices for deciding which vulnerabilities to address first

What is a CVE?

Essential guide to Common Vulnerabilities and Exposures

CVE vs CWE Explained

Understand how CVEs relate to underlying weakness types