CVE-2020-6308

5.3MEDIUM

Key Information:

Vendor: SAP
Status: SAP Businessobjects Business Intelligence Platform (web Services)
Vendor: CVE Published:; 20 October 2020

Badges

👾 Exploit Exists🟡 Public PoC

Summary

SAP BusinessObjects Business Intelligence Platform (Web Services) versions - 410, 420, 430, allows an unauthenticated attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attacker can scan internal network to determine internal infrastructure and gather information for further attacks like remote file inclusion, retrieve server files, bypass firewall and force the vulnerable server to perform malicious requests, resulting in a Server-Side Request Forgery vulnerability.

Affected Version(s)

SAP BusinessObjects Business Intelligence Platform (Web Services) < 410 < 410

SAP BusinessObjects Business Intelligence Platform (Web Services) < 420 < 420

SAP BusinessObjects Business Intelligence Platform (Web Services) < 430 < 430

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2020-6308-PoC
Created by InitRoot

CVE-2020-6308
Created by TheMMMdev

sap_bo_launchpad-ssrf-timing_attack
Created by MachadoOtto

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageI...

x_refsource_MISC

https://launchpad.support.sap.com/#/notes/2943844

x_refsource_MISC

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

🟡
Public PoC available
Aug 13, 2024
👾
Exploit known to exist
Aug 4, 2024
Vulnerability published
Oct 20, 2020
Vulnerability Reserved
Jan 8, 2020