CVE-2020-6215
First published: Tue Apr 14 2020(Updated: )
SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, allows an attacker to redirect users to a malicious site due to insufficient URL validation and steal credentials of the victim, leading to URL Redirection vulnerability.
Credit: cna@sap.com cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP NetWeaver AS ABAP Business Server Pages | =700 | |
| SAP NetWeaver AS ABAP Business Server Pages | =701 | |
| SAP NetWeaver AS ABAP Business Server Pages | =702 | |
| SAP NetWeaver AS ABAP Business Server Pages | =730 | |
| SAP NetWeaver AS ABAP Business Server Pages | =731 | |
| SAP NetWeaver AS ABAP Business Server Pages | =740 | |
| SAP NetWeaver AS ABAP Business Server Pages | =750 | |
| SAP NetWeaver AS ABAP Business Server Pages | =751 | |
| SAP NetWeaver AS ABAP Business Server Pages | =752 | |
| SAP NetWeaver AS ABAP Business Server Pages | =753 | |
| SAP NetWeaver AS ABAP Business Server Pages | =754 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this SAP NetWeaver AS ABAP Business Server Pages Test Application vulnerability?
The vulnerability ID is CVE-2020-6215.
What is the severity of CVE-2020-6215?
The severity of CVE-2020-6215 is medium with a severity value of 6.1.
What is the impact of the SAP NetWeaver AS ABAP Business Server Pages Test Application vulnerability?
The vulnerability allows an attacker to redirect users to a malicious site and steal credentials of the victim.
Which versions of SAP NetWeaver AS ABAP Business Server Pages Test Application are affected by CVE-2020-6215?
Versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754 of SAP NetWeaver AS ABAP Business Server Pages Test Application are affected.
How can I fix the SAP NetWeaver AS ABAP Business Server Pages Test Application vulnerability?
Refer to the SAP note 2872782 for information on how to fix the SAP NetWeaver AS ABAP Business Server Pages Test Application vulnerability.
- collector/nvd-api
- collector/nvd-index
- agent/severity
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/description
- agent/weakness
- agent/references
- agent/type
- agent/event
- agent/author
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/sap
- canonical/sap netweaver as abap business server pages
- version/sap netweaver as abap business server pages/700
- version/sap netweaver as abap business server pages/701
- version/sap netweaver as abap business server pages/702
- version/sap netweaver as abap business server pages/730
- version/sap netweaver as abap business server pages/731
- version/sap netweaver as abap business server pages/740
- version/sap netweaver as abap business server pages/750
- version/sap netweaver as abap business server pages/751
- version/sap netweaver as abap business server pages/752
- version/sap netweaver as abap business server pages/753
- version/sap netweaver as abap business server pages/754