CVE-2020-6215

SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, allows an attacker to redirect users to a malicious site due to insufficient URL validation and steal credentials of the victim, leading to URL Redirection vulnerability.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:700:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:701:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:702:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:730:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:731:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:740:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:750:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:751:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:752:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:753:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:754:*:*:*:*:*:*:*

History

06 Oct 2023, 17:15

Type Values Removed Values Added
References
  • (MISC) http://packetstormsecurity.com/files/174985/SAP-Application-Server-ABAP-Open-Redirection.html -

06 Oct 2023, 06:15

Type Values Removed Values Added
References
  • (FULLDISC) http://seclists.org/fulldisclosure/2023/Oct/13 -

Information

Published : 2020-04-14 20:15

Updated : 2023-12-10 13:27


NVD link : CVE-2020-6215

Mitre link : CVE-2020-6215

CVE.ORG link : CVE-2020-6215


JSON object : View

Products Affected

sap

  • netweaver_as_abap_business_server_pages
CWE
CWE-601

URL Redirection to Untrusted Site ('Open Redirect')