SAP Knowledge Base Article - Preview

3129448 - CVE-2020-6308 still appears in Security scans after following SAP Note 2943844

Symptom

  • A security scan was run against the BI Platform and the following CVE alert was raised
    CVE-2020-6308

  • After following the SAP Note 2943844 - [CVE-2020-6308] Server-Side Request Forgery vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Services), the alert is still raised


Read more...

Environment

  • SAP BusinessObjects Business Intelligence Platform 4.x (BI 4.2 / 4.3)
  • Web Services / dswsbobje
  • AdminTools
  • Central Management Console (CMC) / BI Launchpad (BILP)
  • Windows
  • Linux / Unix 

Product

SAP BusinessObjects Business Intelligence platform 4.2 ; SAP BusinessObjects Business Intelligence platform 4.3

Keywords

KBA , BI-BIP-DEP , Webapp Deployment, Networking, Vulnerabilities, Webservices , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.