CVE-2020-6215

Name of the Vulnerable Software and Affected Versions SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754

Description The issue allows an attacker to redirect users to a malicious site due to insufficient URL validation, potentially leading to the theft of victim credentials. This is a result of a URL Redirection vulnerability.

Recommendations For versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, consider disabling the vulnerable Business Server Pages Test Application IT00 until a patch is available to prevent URL redirection attacks. Restrict access to the application to minimize the risk of exploitation. Avoid using potentially vulnerable URL redirects in the application until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.