Host agent

This hub aggregates every CVE we track for Host agent, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Host agent.

• CVE-2024-47595Local Privilege Escalation in SAP Host Agent6.3Nov 12, 2024
• CVE-2023-40309Missing Authorization check in SAP CommonCryptoLib9.8Sep 12, 2023
• CVE-2023-40308Memory Corruption vulnerability in SAP CommonCryptoLib7.5Sep 12, 2023
• CVE-2023-36926Information disclosure vulnerability in SAP Host Agent3.7Aug 8, 2023
• CVE-2023-27498Memory Corruption vulnerability in SAP Host Agent (SAPOSCOL)7.2Mar 14, 2023
• CVE-2023-24523An attacker authenticated as a non-admin user with local access to a server port assigned to the SAP Host Agent (Start Service) - versions 7.21, 7.22, can submit a crafted ConfigureOutsideDiscovery...8.8Feb 14, 2023
• CVE-2023-0012Local Privilege Escalation in SAP Host Agent (Windows)6.4Jan 10, 2023
• CVE-2022-35295In SAP Host Agent (SAPOSCOL) - version 7.22, an attacker may use files created by saposcol to escalate privileges for themselves.4.9Sep 13, 2022
• CVE-2022-29614SAP startservice - of SAP NetWeaver Application Server ABAP, Application Server Java, ABAP Platform and HANA Database - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64N...5.0Jun 14, 2022
• CVE-2022-29612SAP NetWeaver, ABAP Platform and SAP Host Agent - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, 8.04, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, 8.04...4.3Jun 14, 2022
• CVE-2022-28774Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be restricted.5.5May 11, 2022
• CVE-2020-6234SAP Host Agent, version 7.21, allows an attacker with admin privileges to use the operation framework to gain root privileges over the underlying operating system, leading to Privilege Escalation.7.2Apr 14, 2020
• CVE-2020-6186SAP Host Agent, version 7.21, allows an attacker to cause a slowdown in processing of username/password-based authentication requests of the SAP Host Agent, leading to Denial of Service.7.5Feb 12, 2020
• CVE-2020-6183SAP Host Agent, version 7.21, allows an unprivileged user to read the shared memory or write to the shared memory by sending request to the main SAPOSCOL process and receive responses that may cont...6.5Feb 12, 2020
• CVE-2016-8610A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remo...7.5Nov 13, 2017