CVE-2020-6308

MEDIUM EXPLOITED NUCLEI

SAP BusinessObjects Web Services - Info Disclosure

Title source: llm

Description

SAP BusinessObjects Business Intelligence Platform (Web Services) versions 410, 420 and 430 allow an unauthenticated attacker to inject arbitrary values as CMS parameters, causing the server to perform lookups against the internal network, which is otherwise not reachable from outside. On successful exploitation, an attacker can scan the internal network to map internal infrastructure and gather information for further attacks such as remote file inclusion, retrieve server files, bypass the firewall and force the vulnerable server to issue malicious requests: a Server-Side Request Forgery vulnerability. Note that the CVSS vector (C:L/I:N/A:N) and the Nuclei template listed below classify this as a blind SSRF, so in practice the attacker learns about internal hosts from response differences such as timing or error behaviour rather than by reading the fetched content directly.
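Because the SSRF is blind, the practical way to turn it into an internal port check is a timing oracle, which is also the approach taken by the timing-attack PoC listed below. The following is an added example of that analysis step, not code from any of the PoC repositories on this page. It assumes the caller supplies a `probe(target)` function that sends one request with the attacker-controlled CMS parameter set to `target` ("host:port") and returns the elapsed seconds; the request format for the SAP BusinessObjects Web Services endpoint is deliberately not reproduced, and the open/closed/filtered heuristic is a general SSRF timing assumption, not something the advisory states.

```python
"""Timing oracle for a blind SSRF port check (added example, not PoC code)."""
import statistics
import time
from typing import Callable, Dict, List

# A probe takes a "host:port" target and returns the wall-clock seconds the
# vulnerable server took to answer a request carrying that target.
Probe = Callable[[str], float]


def timed(send: Callable[[str], None]) -> Probe:
    """Wrap a blocking send function so it returns elapsed seconds.

    `send` is hypothetical: in a real engagement it would issue the request
    to the Web Services endpoint with the CMS parameter set to `target`.
    """
    def probe(target: str) -> float:
        start = time.perf_counter()
        try:
            send(target)
        except Exception:
            # A client-side read timeout or HTTP error still carries the
            # timing information we are after, so do not abort the probe.
            pass
        return time.perf_counter() - start
    return probe


def median_latency(probe: Probe, target: str, samples: int) -> float:
    """Median of several probes; single samples are too jittery to trust."""
    return statistics.median(probe(target) for _ in range(samples))


def classify(probe: Probe, targets: List[str], closed_reference: str,
             samples: int = 5, timeout: float = 10.0,
             factor: float = 3.0) -> Dict[str, str]:
    """Label each target open / closed / filtered relative to a known-closed
    reference target (for example an unused high port on the server itself).

    Heuristic (assumption): the vulnerable server connects outbound on the
    attacker's behalf, so
      - a closed port answers with an immediate RST: latency ~ reference;
      - an open port completes the handshake and the server then stalls
        speaking CMS protocol to a non-CMS listener: latency well above it;
      - a filtered/unroutable target makes the server wait for its own
        connect timeout: latency at or above `timeout`.
    """
    ref = [probe(closed_reference) for _ in range(samples)]
    ref_med = statistics.median(ref)
    # Median absolute deviation as a robust spread estimate; floor it so a
    # perfectly stable reference does not produce a zero-width threshold.
    spread = max(statistics.median(abs(x - ref_med) for x in ref), 0.05)
    threshold = ref_med + factor * spread

    verdicts: Dict[str, str] = {}
    for target in targets:
        med = median_latency(probe, target, samples)
        if med >= timeout:
            verdicts[target] = "filtered"
        elif med > threshold:
            verdicts[target] = "open"
        else:
            verdicts[target] = "closed"
    return verdicts


# Constructed sample data so the example runs offline: simulated latencies
# for a handful of internal targets, in seconds.
SIMULATED_LATENCY = {
    "127.0.0.1:1": 0.21,     # reference: closed port, fast RST
    "10.0.0.5:22": 1.9,      # open: handshake succeeds, server stalls
    "10.0.0.5:445": 0.24,    # closed: about as fast as the reference
    "10.0.0.9:8080": 10.0,   # filtered: server hits its connect timeout
}


def simulated_probe(target: str) -> float:
    """Stand-in for a real probe; returns the constructed latency."""
    return SIMULATED_LATENCY[target]


if __name__ == "__main__":
    targets = ["10.0.0.5:22", "10.0.0.5:445", "10.0.0.9:8080"]
    print(classify(simulated_probe, targets, "127.0.0.1:1"))
```

The reference target matters more than the threshold factor: pick a port on the vulnerable host itself that is certainly closed, so its latency reflects the same request-processing overhead as every other probe and only the outbound connection time differs.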

Exploits (4)

nomisec WRITEUP 36 stars
by InitRoot · infoleak
https://github.com/InitRoot/CVE-2020-6308-PoC
nomisec WORKING POC 1 star
by TheMMMdev · infoleak
https://github.com/TheMMMdev/CVE-2020-6308
nomisec WORKING POC
by MachadoOtto · infoleak
https://github.com/MachadoOtto/sap_bo_launchpad-ssrf-timing_attack
nomisec WORKING POC
by freeFV · poc
https://github.com/freeFV/CVE-2020-6308-mass-exploiter

Nuclei Templates (1)

SAP BusinessObjects Business Intelligence Platform - Blind Server-Side Request Forgery
MEDIUM by madrobot

Scores

CVSS v3 5.3
EPSS 0.8206
EPSS Percentile 99.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

VulnCheck KEV 2024-02-14
CWE
CWE-918
Status published
Products (3)
sap/businessobjects_business_intelligence_platform 4.1
sap/businessobjects_business_intelligence_platform 4.2
sap/businessobjects_business_intelligence_platform 4.3
Published Oct 20, 2020
Tracked Since Feb 18, 2026