CVE-2020-6215

SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, allows an attacker to redirect users to a malicious site due to insufficient URL validation and steal credentials of the victim, leading to URL Redirection vulnerability.

Link	Resource
https://launchpad.support.sap.com/#/notes/2872782	Permissions Required Vendor Advisory
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202	Vendor Advisory

Configuration 1

cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:700:*:*:*:*:*:*:* cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:701:*:*:*:*:*:*:* cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:702:*:*:*:*:*:*:* cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:730:*:*:*:*:*:*:* cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:731:*:*:*:*:*:*:* cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:740:*:*:*:*:*:*:* cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:750:*:*:*:*:*:*:* cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:751:*:*:*:*:*:*:* cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:752:*:*:*:*:*:*:* cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:753:*:*:*:*:*:*:* cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:754:*:*:*:*:*:*:*

---

Published : 2020-04-14 08:15

Updated : 2020-04-15 05:21

---

NVD link : CVE-2020-6215

Mitre link : CVE-2020-6215

No products.

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')