Skip to Content
0
Nov 19, 2021 at 09:38 AM

Server-Side Request Forgery vulnerability can not be solved after upgrade

613 Views

Hi, I recently get some problems through Nesus, so I need to fix vulnerabilities discovered in SAP products.

The vulnerabilities I want to ask is 2943844 - [CVE-2020-6308] Server-Side Request Forgery vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Services)

I have already let the system be populated with the relevant patch levels and I edit the dsws.properties file to configure the field allowed.cms (=host:port). But Nesus tell us that the vulnerabilities are still exist.

Can anyone help us to solve this problem or give us some suggestions, thank you!