Описание
SAP Fiori Launchpad (News tile Application), versions - 750,751,752,753,754,755, allows an unauthorized attacker to send a crafted request to a vulnerable web application. It is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network to retrieve sensitive / confidential resources which are otherwise restricted for internal usage only, resulting in a Server-Side Request Forgery vulnerability.
Ссылки
- Permissions Required
- Vendor Advisory
- Permissions Required
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
8.6 High
CVSS3
8.6 High
CVSS3
5 Medium
CVSS2
Дефекты
Связанные уязвимости
SAP Fiori Launchpad (News tile Application), versions - 750,751,752,753,754,755, allows an unauthorized attacker to send a crafted request to a vulnerable web application. It is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network to retrieve sensitive / confidential resources which are otherwise restricted for internal usage only, resulting in a Server-Side Request Forgery vulnerability.
EPSS
8.6 High
CVSS3
8.6 High
CVSS3
5 Medium
CVSS2