Exploit for #VU48661 Server-Side Request Forgery (SSRF) in SAP BusinessObjects Business Intelligence suite

Exploit for #VU48661 Server-Side Request Forgery (SSRF) in SAP BusinessObjects Business Intelligence suite

Published: 2020-11-26 | Updated: 2021-08-25

Vulnerability identifier: #VU48661

Vulnerability risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2020-6308

CWE-ID: CWE-918

Exploitation vector: Network

Exploits in database: 5

August 25, 2021
- CVE-2020-6308 (Exploit script for SAP Business Objects SSRF) [Github]
February 9, 2021
- CVE-2020-6308-mass-exploiter (CVE-2020-6308 mass exploiter/fuzzer.) [Github]
December 28, 2020
- CVE-2020-6308-PoC (PoC CVE-2020-6308) [Github]
- CVE-2020-6308 (PoC CVE-2020-6308) [Github]
November 26, 2020
- CVE-2020-6308-mass-exploiter (CVE-2020-6308 mass exploiter/fuzzer.) [Github]

Impact: Information disclosure and data manipulation

Vulnerable software:
SAP BusinessObjects Business Intelligence suite
Server applications / Other server solutions

Vendor: SAP