CVE-2020-6282

SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, and SAP NetWeaver AS JAVA (IIOP service) (CORE-TOOLS), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send a crafted request from a vulnerable web application. It is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request Forgery vulnerability.

CVSS v3 5.8 MEDIUM
CVSS v2.0 5.0 MEDIUM

5.8^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://launchpad.support.sap.com/#/notes/2896025	Permissions Required Vendor Advisory
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:sap:netweaver_application_server_java:7.10:::::::*
	cpe:2.3:a:sap:netweaver_application_server_java:7.11:::::::*
	cpe:2.3:a:sap:netweaver_application_server_java:7.20:::::::*
	cpe:2.3:a:sap:netweaver_application_server_java:7.30:::::::*
	cpe:2.3:a:sap:netweaver_application_server_java:7.31:::::::*
	cpe:2.3:a:sap:netweaver_application_server_java:7.40:::::::*
	cpe:2.3:a:sap:netweaver_application_server_java:7.50:::::::*

History

No history.

Information

Published : 2020-07-14 13:15

Updated : 2023-12-10 13:27

NVD link : CVE-2020-6282

Mitre link : CVE-2020-6282

CVE.ORG link : CVE-2020-6282

JSON object : View

Products Affected

sap

netweaver_application_server_java

CWE

CWE-918

Server-Side Request Forgery (SSRF)

{"id": "CVE-2020-6282", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "cna@sap.com", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 5.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2020-07-14T13:15:12.750", "references": [{"url": "https://launchpad.support.sap.com/#/notes/2896025", "tags": ["Permissions Required", "Vendor Advisory"], "source": "cna@sap.com"}, {"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", "tags": ["Vendor Advisory"], "source": "cna@sap.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-918"}]}], "descriptions": [{"lang": "en", "value": "SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, and SAP NetWeaver AS JAVA (IIOP service) (CORE-TOOLS), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send a crafted request from a vulnerable web application. It is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request Forgery vulnerability."}, {"lang": "es", "value": "SAP NetWeaver AS JAVA (servicio IIOP) (SERVERCORE), versiones 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, y SAP NetWeaver AS JAVA (servicio IIOP) (CORE-TOOLS), versiones 7.10, 7.11, 7.20, 7.30 , 7.31, 7.40, 7.50, permite a un atacante enviar una petici\u00f3n dise\u00f1ada desde una aplicaci\u00f3n web vulnerable. Normalmente es usada para apuntar a sistemas internos detr\u00e1s de los firewalls que normalmente son inaccesibles a un atacante desde la red externa, resultando en una vulnerabilidad de tipo Server-Side Request Forgery"}], "lastModified": "2020-07-15T18:55:06.337", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D60371A7-F8F4-46F8-9659-DD4EE84B81EA"}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:7.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6B085AF-8CEE-4A87-B381-F36C989FB2A0"}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43A28C48-4325-4694-88B1-FEE46EBFB0A6"}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24A1E0B9-8C28-41BC-B050-237B5F929C9C"}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8"}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68"}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C506445-3787-4BFF-A98B-7502A0F7CF80"}], "operator": "OR"}]}], "sourceIdentifier": "cna@sap.com"}