History: Sep 09, 2020 - 1:15 p.m.

CVE-2020-6283

2020-09-09 13:15:11
CWE-79
sap
web.nvd.nist.gov
Tags: cve-2020-6283, sap fiori, launchpad, html injection, xss, vulnerability

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

36.1%

SAP Fiori Launchpad does not sufficiently encode user-controlled input, which allows an attacker to inject a meta tag into the launchpad HTML via the vulnerable parameter, resulting in a reflected Cross-Site Scripting (XSS) vulnerability. With a successful attack, the attacker can steal authentication information of the user, such as data relating to his or her current session.
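The following is an added illustration of the bug class described above, not SAP's code and not the actual Fiori Launchpad parameter: a URL parameter reflected into the page head as a meta attribute, first concatenated raw (so a value containing `">` closes the attribute and injects a second meta element), then passed through an HTML attribute encoder. The parameter name `launchpad-config`, the `attacker.example` host and the payload are constructed for the example.

```javascript
// Added illustration of the bug class in CVE-2020-6283 (not SAP code).
// A URL parameter is reflected into the launchpad <head> as a <meta>
// attribute; without HTML encoding an attacker can close the attribute
// and inject their own <meta> element. "launchpad-config", the payload
// and the attacker.example host are constructed for this example.

// Encode the five characters that are significant in HTML text and
// double-quoted attribute values.
function htmlEncode(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;" };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}

// Vulnerable pattern: the raw parameter is concatenated into the markup.
function renderHeadVulnerable(param) {
  return `<head><meta name="launchpad-config" content="${param}"></head>`;
}

// Fixed pattern: the parameter is encoded for the attribute context first.
function renderHeadFixed(param) {
  return `<head><meta name="launchpad-config" content="${htmlEncode(param)}"></head>`;
}

// Detection helper: count <meta> start tags in the rendered head. Exactly one
// is expected; any extra element came from the reflected parameter.
function countMetaTags(html) {
  return (html.match(/<meta\b/gi) || []).length;
}

// Constructed payload: terminates the content attribute and the original
// <meta>, then injects a meta refresh that sends the victim's browser to an
// attacker-controlled host (placeholder domain).
const PAYLOAD =
  '"><meta http-equiv="refresh" content="0;url=https://attacker.example/"><x a="';

// Render both variants for a given parameter value and report the meta counts.
function compare(param) {
  const vulnerable = renderHeadVulnerable(param);
  const fixed = renderHeadFixed(param);
  return {
    vulnerable,
    fixed,
    vulnerableMetaCount: countMetaTags(vulnerable),
    fixedMetaCount: countMetaTags(fixed),
  };
}

const result = compare(PAYLOAD);
console.log("vulnerable:", result.vulnerable, "meta tags:", result.vulnerableMetaCount);
console.log("fixed:     ", result.fixed, "meta tags:", result.fixedMetaCount);
```

Run with `node`: the vulnerable rendering contains two meta elements, the encoded one only the legitimate one, and a benign value such as `blue` renders identically in both. The hand-rolled `htmlEncode` stands in for a proper library encoder (in a UI5 application, `sap/base/security/encodeXML`); the point is that encoding must match the output context, here a double-quoted attribute, and must happen at the moment the value is written into the markup.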

Affected configurations

NVD configuration (match any one of):
  sap fiori_launchpad 750 OR 752 OR 753 OR 754 OR 755

Vendor  Product          Version  CPE
sap     fiori_launchpad  750      cpe:2.3:a:sap:fiori_launchpad:750:*:*:*:*:*:*:*
sap     fiori_launchpad  752      cpe:2.3:a:sap:fiori_launchpad:752:*:*:*:*:*:*:*
sap     fiori_launchpad  753      cpe:2.3:a:sap:fiori_launchpad:753:*:*:*:*:*:*:*
sap     fiori_launchpad  754      cpe:2.3:a:sap:fiori_launchpad:754:*:*:*:*:*:*:*
sap     fiori_launchpad  755      cpe:2.3:a:sap:fiori_launchpad:755:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "SAP Fiori(Launchpad)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 750"
      },
      {
        "status": "affected",
        "version": "< 752"
      },
      {
        "status": "affected",
        "version": "< 753"
      },
      {
        "status": "affected",
        "version": "< 754"
      },
      {
        "status": "affected",
        "version": "< 755"
      }
    ]
  }
]
