CVE-2020-6215

Summary

SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, allows an attacker to redirect users to a malicious site due to insufficient URL validation and steal credentials of the victim, leading to URL Redirection vulnerability.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application IT00)< 700affected
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application IT00)< 701affected
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application IT00)< 702affected
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application IT00)< 730affected
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application IT00)< 731affected
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application IT00)< 740affected
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application IT00)< 750affected
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application IT00)< 751affected
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application IT00)< 752affected
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application IT00)< 753affected
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application IT00)< 754affected

Weaknesses

  • URL Redirection

ADP Enrichment

CVE Program Container

Additional References

References