CVE: Common Vulnerabilities and Exposures

alert

Notice: Keyword searching of CVE Records is now available in the search box above. Keywords may include a CVE ID (e.g., CVE-2024-1234), or one or more keywords separated by a space (e.g., authorization, SQL Injection, cross site scripting, etc.). Learn more here.

alert

Notice: Keyword searching of CVE Records is now available in the search box above. Keywords may include a CVE ID (e.g., CVE-2024-1234), or one or more keywords separated by a space (e.g., authorization, SQL Injection, cross site scripting, etc.). Learn more here.

Expand or collapse notification button

Required CVE Record Information

Description

SAP Solution Manager - version 720, allows an authenticated attacker to redirect users to a malicious site due to insufficient URL validation. A successful attack could lead an attacker to read or modify the information or expose the user to a phishing attack. As a result, it has a low impact to confidentiality, integrity and availability.

CWE 1 Total

CWE-601: CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

CVSS 1 Total

Product Status

Versions 1 Total

Default Status: unaffected

affected

References 2 Total

Updated: 2024-08-02

This container includes required additional information provided by the CVE Program for this vulnerability.

References 2 Total

https://launchpad.support.sap.com/#/notes/3270509
external site
x_transferred
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
external site
x_transferred

Authorized Data Publishers