| Reporter | Title | Published | Views | Family All 13 |
|---|---|---|---|---|
| CVE-2020-26836 | 9 Dec 202020:32 | – | circl | |
| SAP Solution Manager 输入验证错误漏洞 | 8 Dec 202000:00 | – | cnnvd | |
| SAP Solution Manager Open Redirect Vulnerability | 15 Dec 202000:00 | – | cnvd | |
| CVE-2020-26836 | 9 Dec 202016:31 | – | cve | |
| CVE-2020-26836 | 9 Dec 202016:31 | – | cvelist | |
| EUVD-2020-19372 | 7 Oct 202500:30 | – | euvd | |
| Vulnerabilities fixed in SAP products | 8 Dec 202000:00 | – | ncsc | |
| CVE-2020-26836 | 9 Dec 202017:15 | – | nvd | |
| CVE-2020-26836 | 9 Dec 202017:15 | – | osv | |
| SAP Solution Manager 7.2 (ST 720) Open Redirection | 15 Jun 202100:00 | – | packetstorm |
id: CVE-2020-26836
info:
name: SAP Solution Manager - Open Redirect
author: Gal Nagli,LRVT
severity: medium
description: SAP Solution Manager contains an open redirect vulnerability via the logoff endpoint. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
impact: |
Attackers can redirect users to malicious websites through crafted links, potentially facilitating phishing attacks or credential theft.
remediation: |
Apply security patches or updates provided by SAP to fix the vulnerability.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2020-26836
- https://onapsis.com/security-advisories/sap-solution-manager-open-redirect-trace-analysis/
- http://packetstormsecurity.com/files/163136/SAP-Solution-Manager-7.2-ST-720-Open-Redirection.html
- http://seclists.org/fulldisclosure/2021/Jun/25
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2020-26836
cwe-id: CWE-601
epss-score: 0.02338
epss-percentile: 0.81556
cpe: cpe:2.3:a:sap:solution_manager:7.20:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: sap
product: solution_manager
tags: cve,cve2020,redirect,sap,vuln,vkev
http:
- method: GET
path:
- "{{BaseURL}}/sap/public/bc/icf/logoff?redirecturl=https://interact.sh"
matchers-condition: and
matchers:
- type: status
status:
- 302
- 301
- 307
- type: word
part: header
words:
- "Location: https://www.interact.sh"
- "Location: https://interact.sh"
condition: or
# digest: 4a0a0047304502206ae62284902f71c03a142e2977e510fe6d87400e1c030e0ab9b8039d4f75f5ff02210097eabe9f91a423c5daf8d059359af34d742b91a7ab1017326cd2dfe0dd9f167e:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation