CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-26815

SAP Fiori Launchpad (News tile Application), versions - 750,751,752,753,754,755, allows an unauthorized attacker to send a crafted request to a vulnerable web application. It is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network to retrieve sensitive / confidential resources which are otherwise restricted for internal usage only, resulting in a Server-Side Request Forgery vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.7%

CVSS Severity

CVSS v3 Score 8.6

CVSS v2 Score 5.0

References

Products affected by CVE-2020-26815

Sap » Fiori Launchpad (News Tile Application) » Version: 750

cpe:2.3:a:sap:fiori_launchpad_(news_tile_application):750
Sap » Fiori Launchpad (News Tile Application) » Version: 751

cpe:2.3:a:sap:fiori_launchpad_(news_tile_application):751
Sap » Fiori Launchpad (News Tile Application) » Version: 752

cpe:2.3:a:sap:fiori_launchpad_(news_tile_application):752
Sap » Fiori Launchpad (News Tile Application) » Version: 753

cpe:2.3:a:sap:fiori_launchpad_(news_tile_application):753
Sap » Fiori Launchpad (News Tile Application) » Version: 754

cpe:2.3:a:sap:fiori_launchpad_(news_tile_application):754
Sap » Fiori Launchpad (News Tile Application) » Version: 755

cpe:2.3:a:sap:fiori_launchpad_(news_tile_application):755

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-26815

Products

Pricing

Contact Us