CVE-2020-6302

Published: Sep 9, 2020Modified: Nov 21, 2024

8.1

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.2 / Impact: 5.9

Source: NVD

Description

SAP Commerce versions 6.7, 1808, 1811, 1905, 2005 contains the jSession ID in the backoffice URL when the application is loaded initially. An attacker can get this session ID via shoulder surfing or man in the middle attack and subsequently get access to admin user accounts, leading to Session Fixation and complete compromise of the confidentiality, integrity and availability of the application.

Affected (5)

Products: Sap: Commerce

1 product

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Sap Commerce	Version 1808
Sap Commerce	Version 1811
Sap Commerce	Version 1905
Sap Commerce	Version 2005
Sap Commerce	Version 6.7

Related CWEs

Session Fixation

Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.

References (4)

https://launchpad.support.sap.com/#/notes/2934451

Source: cna@sap.com

Permissions Required

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700

Source: cna@sap.com

Vendor Advisory

https://launchpad.support.sap.com/#/notes/2934451

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.