Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2020-6308: Server-Side Request Forgery in SAP SE BusinessObjects Business Intelligence Platform

Severity: 5.3 MEDIUM (NVD)
EPSS: 82.1% (top 0.79% of scored CVEs)
CISA KEV: not in KEV
Exploit: public PoC available
Timeline: published 2020-10-20; latest update 2022-05-24

Description

SAP BusinessObjects Business Intelligence Platform (Web Services) versions 410, 420 and 430 allow an unauthenticated attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network, which is otherwise not accessible externally. On successful exploitation, the attacker can scan the internal network to determine internal infrastructure and gather information for further attacks like remote file inclusion, retrieve server files, bypass the firewall and force the vulnerable serv
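The description names the primitive (an unauthenticated, attacker-chosen CMS target that the server looks up on the internal network) but not the request format, so the following is an added detection example, not code from cvebase, SAP or the Nuclei templates this page lists. It scans web-server access logs for CMS-parameter values that point at internal address space. The endpoint path /example-ws/logon, the parameter name cms and every sample log line are constructed assumptions; only the internal-range check is general.

```python
"""Scan access logs for CMS-parameter values that point at internal address space.

Added example, not code from cvebase, SAP or the listed Nuclei templates.
Assumptions: requests to the Web Services endpoint are logged in common log
format and the attacker-controlled CMS target arrives as a query parameter
named "cms"; the path /example-ws/logon and all sample lines are constructed.
"""
import ipaddress
import re
from urllib.parse import parse_qs, urlsplit

PARAM_NAMES = ("cms",)  # assumed parameter name; adjust to the real deployment

# Names that are never a legitimate CMS target when supplied from outside
INTERNAL_NAMES = {"localhost", "metadata.google.internal"}

# Common log format: client ident user [ts] "METHOD target PROTO" status bytes
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample lines (not real traffic): one legitimate CMS host, four
# internal targets in different encodings, one unrelated request
SAMPLE_LOGS = [
    '203.0.113.7 - - [20/Oct/2020:10:01:02 +0000] "POST /example-ws/logon?cms=bo-cms.corp.example%3A6400 HTTP/1.1" 200 512',
    '198.51.100.23 - - [20/Oct/2020:10:02:11 +0000] "POST /example-ws/logon?cms=127.0.0.1%3A22 HTTP/1.1" 200 88',
    '198.51.100.23 - - [20/Oct/2020:10:02:12 +0000] "POST /example-ws/logon?cms=http%3A%2F%2F169.254.169.254%2Flatest%2Fmeta-data%2F HTTP/1.1" 200 88',
    '198.51.100.23 - - [20/Oct/2020:10:02:13 +0000] "POST /example-ws/logon?cms=2130706433%3A6400 HTTP/1.1" 200 88',
    '198.51.100.23 - - [20/Oct/2020:10:02:14 +0000] "POST /example-ws/logon?cms=%5B%3A%3A1%5D%3A6400 HTTP/1.1" 200 88',
    '192.0.2.9 - - [20/Oct/2020:10:05:00 +0000] "GET /example-ws/ HTTP/1.1" 404 0',
]


def cms_host(value):
    """Extract the host from a CMS value such as 'host:6400' or 'http://host/path'."""
    if "://" not in value:
        value = "//" + value  # make urlsplit treat the value as a netloc
    try:
        return urlsplit(value).hostname
    except ValueError:  # malformed IPv6 bracket literal
        return None


def is_internal(host):
    """True if host is a literal address in private, loopback, link-local or
    unspecified space (decimal-encoded IPv4 such as 2130706433 included) or a
    name reserved for internal use. Hostnames are deliberately not resolved."""
    h = host.lower()
    if h in INTERNAL_NAMES or h.endswith(".internal") or h.endswith(".local"):
        return True
    try:
        ip = ipaddress.ip_address(int(h) if h.isdigit() else h)
    except ValueError:
        return False
    return ip.is_private or ip.is_loopback or ip.is_link_local or ip.is_unspecified


def flag_requests(lines):
    """Return (client, param, value, host) for each request whose CMS
    parameter targets internal address space."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        params = parse_qs(urlsplit(m["target"]).query, keep_blank_values=True)
        for name in PARAM_NAMES:
            for value in params.get(name, []):
                host = cms_host(value)
                if host and is_internal(host):
                    hits.append((m["client"], name, value, host))
    return hits


if __name__ == "__main__":
    for client, name, value, host in flag_requests(SAMPLE_LOGS):
        print(f"{client} -> {name}={value!r} (internal target {host})")
```

Run over the constructed sample, the check flags the four internal targets (loopback, the cloud metadata link-local address, a decimal-encoded 127.0.0.1 and an IPv6 loopback literal) and leaves the legitimate CMS host alone. The check is literal by design: it does not resolve names, so an attacker-controlled DNS name that resolves to an internal address, or a rebinding name, passes it. Treat it as a triage signal to pair with the vendor fix and with egress restrictions on the BI server, not as a substitute for either.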

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability: 3.9 | Impact: 1.4

Vulnerability Details (3 sources)

GHSA: GHSA-7jm8-4vmp-ff6g (2022-05-24)
CVEList: CVE-2020-6308 (2020-10-20)
VulnCheck: SAP businessobjects_business_intelligence_platform Server-Side Request Forgery (SSRF) (2020)

Exploits & PoCs (2 sources)

Nuclei: SAP BusinessObjects Business Intelligence Platform - Blind Server-Side Request Forgery
Nuclei: SAP NetWeaver Security Checks
CVE-2020-6308 — Server-Side Request Forgery | cvebase