CVE-2020-26815
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
SAP Fiori Launchpad (News tile Application), versions - 750,751,752,753,754,755, allows an unauthorized attacker to send a crafted request to a vulnerable web application. It is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network to retrieve sensitive / confidential resources which are otherwise restricted for internal usage only, resulting in a Server-Side Request Forgery vulnerability.
SAP Fiori Launchpad (News tile Application), versiones: 750,751,752,753,754,755, permite a un atacante no autorizado enviar una petición diseñada hacia una aplicación web vulnerable. Usualmente, se usa para apuntar a sistemas internos detrás de firewalls que son normalmente inaccesibles para un atacante desde la red externa para recuperar recursos sensibles y confidenciales que de otro modo están restringidos solo para uso interno, resultando en una vulnerabilidad de tipo Server-Side Request Forgery
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-10-07 CVE Reserved
- 2020-11-10 CVE Published
- 2023-07-27 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-918: Server-Side Request Forgery (SSRF)
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571 | 2020-11-24 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Sap Search vendor "Sap" | Fiori Launchpad \(news Tile Application\) Search vendor "Sap" for product "Fiori Launchpad \(news Tile Application\)" | 750 Search vendor "Sap" for product "Fiori Launchpad \(news Tile Application\)" and version "750" | - |
Affected
| ||||||
| Sap Search vendor "Sap" | Fiori Launchpad \(news Tile Application\) Search vendor "Sap" for product "Fiori Launchpad \(news Tile Application\)" | 751 Search vendor "Sap" for product "Fiori Launchpad \(news Tile Application\)" and version "751" | - |
Affected
| ||||||
| Sap Search vendor "Sap" | Fiori Launchpad \(news Tile Application\) Search vendor "Sap" for product "Fiori Launchpad \(news Tile Application\)" | 752 Search vendor "Sap" for product "Fiori Launchpad \(news Tile Application\)" and version "752" | - |
Affected
| ||||||
| Sap Search vendor "Sap" | Fiori Launchpad \(news Tile Application\) Search vendor "Sap" for product "Fiori Launchpad \(news Tile Application\)" | 753 Search vendor "Sap" for product "Fiori Launchpad \(news Tile Application\)" and version "753" | - |
Affected
| ||||||
| Sap Search vendor "Sap" | Fiori Launchpad \(news Tile Application\) Search vendor "Sap" for product "Fiori Launchpad \(news Tile Application\)" | 754 Search vendor "Sap" for product "Fiori Launchpad \(news Tile Application\)" and version "754" | - |
Affected
| ||||||
| Sap Search vendor "Sap" | Fiori Launchpad \(news Tile Application\) Search vendor "Sap" for product "Fiori Launchpad \(news Tile Application\)" | 755 Search vendor "Sap" for product "Fiori Launchpad \(news Tile Application\)" and version "755" | - |
Affected
| ||||||