admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-63xx/CVE-2020-6324.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

189 lines
6.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-6324",
"sourceIdentifier": "cna@sap.com",
"published": "2020-09-09T14:15:12.927",
"lastModified": "2023-01-30T18:24:25.217",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SAP Netweaver AS ABAP(BSP Test Application sbspext_table), version-700,701,720,730,731,740,750,751,752,753,754,755, allows an unauthenticated attacker to send polluted URL to the victim, when the victim clicks on this URL, the attacker can read, modify the information available in the victim?s browser leading to Reflected Cross Site Scripting."
},
{
"lang": "es",
"value": "SAP Netweaver AS ABAP(BSP Test Application sbspext_table), versi\u00f3n-700,701,720,730,731,740,750,751,752,753,754,755, permite a un atacante no autenticado enviar una URL contaminada a la v\u00edctima, cuando la v\u00edctima hace clic en esta URL, el atacante puede leer, modificar la informaci\u00f3n disponible en el navegador de la v\u00edctima llevando a Reflected Cross Site Scripting"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.3
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:700:*:*:*:*:*:*:*",
"matchCriteriaId": "C730F7F7-B228-4D3E-BC02-33EE5D695D69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:701:*:*:*:*:*:*:*",
"matchCriteriaId": "EE253C97-C802-476B-81FB-BA4FC15B433C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:702:*:*:*:*:*:*:*",
"matchCriteriaId": "4DCD414F-0C97-4657-BF48-11DA3A83850E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:730:*:*:*:*:*:*:*",
"matchCriteriaId": "EB7A2294-4A88-436E-A847-1D88DBB1877E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:731:*:*:*:*:*:*:*",
"matchCriteriaId": "C167C76A-0F85-47F3-A90E-8DA4EA8C3B74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:740:*:*:*:*:*:*:*",
"matchCriteriaId": "FF90E047-B917-4C52-8A5B-99BFA094E90D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:750:*:*:*:*:*:*:*",
"matchCriteriaId": "DAE99B15-44F0-47A1-AD2F-D92BCCA940F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:751:*:*:*:*:*:*:*",
"matchCriteriaId": "C00F292E-E761-47AA-A82D-456CBA829BDD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:752:*:*:*:*:*:*:*",
"matchCriteriaId": "4662F413-B285-4310-AA7C-D8AD60E024DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:753:*:*:*:*:*:*:*",
"matchCriteriaId": "76D5B33D-9FFE-4492-8879-5738CD963D09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:754:*:*:*:*:*:*:*",
"matchCriteriaId": "C2C50935-7C21-4248-A707-60E08FA860DC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:755:*:*:*:*:*:*:*",
"matchCriteriaId": "4032AD23-8EFE-4A7B-84C3-B658F8F639DF"
}
]
}
]
}
],
"references": [
{
"url": "https://launchpad.support.sap.com/#/notes/2948239",
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
]
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink