CVE-2020-6302 — HIGH (8.1) — White Hats Nepal

Vulnerability Description

SAP Commerce versions 6.7, 1808, 1811, 1905, 2005 contains the jSession ID in the backoffice URL when the application is loaded initially. An attacker can get this session ID via shoulder surfing or man in the middle attack and subsequently get access to admin user accounts, leading to Session Fixation and complete compromise of the confidentiality, integrity and availability of the application.

CVSS Score

8.1

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Sap	Commerce	6.7

Related Weaknesses (CWE)

CWE-384

References

https://launchpad.support.sap.com/#/notes/2934451Permissions Required
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700Vendor Advisory
https://launchpad.support.sap.com/#/notes/2934451Permissions Required
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700Vendor Advisory

FAQ

What is CVE-2020-6302?

CVE-2020-6302 is a vulnerability with a CVSS score of 8.1 (HIGH). SAP Commerce versions 6.7, 1808, 1811, 1905, 2005 contains the jSession ID in the backoffice URL when the application is loaded initially. An attacker can get this session ID via shoulder surfing or m...

How severe is CVE-2020-6302?

CVE-2020-6302 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-6302?

Check the references section above for vendor advisories and patch information. Affected products include: Sap Commerce.