SAP NetWeaver AS JAVA Vulnerability CVE-2020-6287 Scanner

Details

Stay Up To Date

Follow @secforeveryone

Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

SAP NetWeaver AS JAVA Vulnerability CVE-2020-6287 Scanner Detail

SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system, leading to Missing Authentication Check.

Some Advice for Common Problems

Update your SAP NetWeaver AS JAVA application, to the latest version to eliminate this vulnerability.

Need a Full Assessment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service