How hackers gain root access to SAP enterprise servers through SolMan

Researchers have demonstrated how a set of vulnerabilities in SAP Solution Manager could be exploited to obtain root access to enterprise servers.

Speaking at Black Hat USA on Wednesday, Onapsis cybersecurity researchers Pablo Artuso and Yvan Genuer explained how the bugs were found in SAP Solution Manager (SolMan), a system comparable to Windows Active Directory.

SolMan is a centralized application designed to manage IT solutions on-premise, in the cloud, or in hybrid environments. The integrated solution acts as a management tool for business-critical applications, including SAP and non-SAP software.

Read more…
Source: ZDNet