← voltar
CVE-2020-26815

CVE-2020-26815

CVSS 8.6 HIGHEPSS 1.4%
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 8.6EPSS 1.4%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
10 nov 2020Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
SAP Fiori Launchpad (News tile Application), versions - 750,751,752,753,754,755, allows an unauthorized attacker to send a crafted request to a vulnerable web application. It is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network to retrieve sensitive / confidential resources which are otherwise restricted for internal usage only, resulting in a Server-Side Request Forgery vulnerability.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Produtos afetados
SAP SE · SAP Fiori Launchpad (News Tile Application)

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://launchpad.support.sap.com/#/notes/2984627https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571