Lucene search
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SAP_BUSINESSOBJECTS_INTELLIGENCE_PLATFORM_CVE-2020-6308.NBINHistoryFeb 08, 2021 - 12:00 a.m.
SAP BusinessObjects Business Intelligence Platform SSRF Vulnerability (direct check)
2021-02-0800:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
392
SAP BusinessObjects Business Intelligence Platform (Web Services) versions - 410, 420, 430, allows an unauthenticated attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attacker can scan internal network to determine internal infrastructure and gather information for further attacks like remote file inclusion, retrieve server files, bypass firewall and force the vulnerable server to perform malicious requests, resulting in a Server-Side Request Forgery vulnerability.
Binary data sap_businessobjects_intelligence_platform_cve-2020-6308.nbin| Vendor | Product | Version | CPE |
|---|---|---|---|
| sap | businessobjects_business_intelligence_platform | cpe:/a:sap:businessobjects_business_intelligence_platform |
Related
githubexploit
githubexploit
prion
prion
Server side request forgery (ssrf)
2020-10-20 14:15:00
cve
cve
CVE-2020-6308
2020-10-20 14:15:00
nuclei
nuclei
checkpoint_advisories
checkpoint_advisories
Related for SAP_BUSINESSOBJECTS_INTELLIGENCE_PLATFORM_CVE-2020-6308.NBIN