← volver
CVE-2020-6215

CVE-2020-6215

CVSS 6.1 MEDIUMEPSS 1.5%
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 6.1EPSS 1.5%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
14 abr 2020Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, allows an attacker to redirect users to a malicious site due to insufficient URL validation and steal credentials of the victim, leading to URL Redirection vulnerability.
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Productos afectados
SAP SE · SAP NetWeaver AS ABAP (Business Server Pages Test Application IT00)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://packetstormsecurity.com/files/174985/SAP-Application-Server-ABAP-Open-Redirection.htmlhttp://seclists.org/fulldisclosure/2023/Oct/13https://launchpad.support.sap.com/#/notes/2872782https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202