Description
SAP NetWeaver ABAP Server and ABAP Platform allows an unauthenticated attacker to redirect users to a malicious site due to insufficient URL validation. This could lead to the user being tricked to disclose personal information.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
None
Availability
None
Affected products
- SAP_SE / SAP NetWeaver ABAP Server and ABAP Platform= 700 – = 700
- SAP_SE / SAP NetWeaver ABAP Server and ABAP Platform= 731 – = 731
- SAP_SE / SAP NetWeaver ABAP Server and ABAP Platform= 740 – = 740
- SAP_SE / SAP NetWeaver ABAP Server and ABAP Platform= 750 – = 750
- SAP_SE / SAP NetWeaver ABAP Server and ABAP Platform= 789 – = 789
- SAP_SE / SAP NetWeaver ABAP Server and ABAP Platform= 701 – = 701
- SAP_SE / SAP NetWeaver ABAP Server and ABAP Platform= 702 – = 702
- SAP_SE / SAP NetWeaver ABAP Server and ABAP Platform= 751 – = 751
- SAP_SE / SAP NetWeaver ABAP Server and ABAP Platform= 752 – = 752
- SAP_SE / SAP NetWeaver ABAP Server and ABAP Platform= 753 – = 753
- SAP_SE / SAP NetWeaver ABAP Server and ABAP Platform= 754 – = 754
- SAP_SE / SAP NetWeaver ABAP Server and ABAP Platform= 755 – = 755
- SAP_SE / SAP NetWeaver ABAP Server and ABAP Platform= 756 – = 756
- SAP_SE / SAP NetWeaver ABAP Server and ABAP Platform= 757 – = 757
- SAP_SE / SAP NetWeaver ABAP Server and ABAP Platform= 790 – = 790