Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-6203

EPSS 0.98% · P77
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-6203

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
SAP NetWeaver UDDI Server (Services Registry), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs, leading to Path Traversal.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
SAP NetWeaver UDDI Server 路径遍历漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
SAP NetWeaver UDDI Server是德国思爱普(SAP)公司的一款UDDI(统一描述、发现和集成)目录服务器。 SAP NetWeaver UDDI Server (Services Registry)中存在路径遍历漏洞,该漏洞源于程序没有充分验证用户提交的路径信息。攻击者可利用该漏洞读取系统上的任意文件。以下产品及版本受到影响:SAP NetWeaver UDDI Server 7.10版本,7.11版本,7.20版本,7.30版本,7.31版本,7.40版本,7.50版本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
SAP SESAP NetWeaver UDDI Server (Services Registry) < 7.10 -

II. Public POCs for CVE-2020-6203

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2020-6203

登录查看更多情报信息。

Same Patch Batch · SAP SE · 2020-03-10 · 16 CVEs total

CVE-2020-6178SAP Enable Now 代码问题漏洞
CVE-2020-6196SAP BusinessObjects Mobile 安全漏洞
CVE-2020-6197SAP Enable Now 代码问题漏洞
CVE-2020-6198SAP Solution Manager 授权问题漏洞
CVE-2020-6199SAP ERP 安全漏洞
CVE-2020-6200SAP Commerce SmartEdit Extension 跨站脚本漏洞
CVE-2020-6201SAP Commerce 跨站脚本漏洞
CVE-2020-6202SAP NetWeaver Application Server Java 代码问题漏洞
CVE-2020-6204SAP Treasury and Risk Management 安全漏洞
CVE-2020-6205SAP NetWeaver AS ABAP Business Server Pages 跨站脚本漏洞
CVE-2020-6206SAP Cloud Platform Integration for Data Services 跨站请求伪造漏洞
CVE-2020-6207SAP Solution Manager 访问控制错误漏洞
CVE-2020-6208SAP Business Objects Business Intelligence Platform 代码注入漏洞
CVE-2020-6209SAP Disclosure Management 安全漏洞
CVE-2020-6210SAP Fiori Launchpad 跨站脚本漏洞

IV. Related Vulnerabilities

Same product: SAP NetWeaver UDDI Server (Services Registry)
Same vendor: SAP SE

V. Comments for CVE-2020-6203

No comments yet

Leave a comment