Security for everyone

CVE-2020-6287 Scanner

Detects 'Improper Access Control' vulnerability in SAP NetWeaver Application Server affects v. 7.30, 7.31, 7.40, 7.50.


Short Info




Single Scan

Can be used by

Asset Owner

Estimated Time

30 sec

Scan only one


Parent Category

CVE-2020-6287 Scanner Detail

SAP NetWeaver Application Server (AS) JAVA is an integrated technology platform that supports the development and execution of Java-based applications in the SAP environment. It provides a range of services, including application server, portal, web services, and business process management. 

However, this product is not without its vulnerabilities. The most recent one, CVE-2020-6287, is a missing authentication check vulnerability. This vulnerability allows an attacker without prior authentication to execute configuration tasks and perform critical actions against the SAP Java system. One of these actions is creating an administrative user, which can compromise the Confidentiality, Integrity, and Availability of the system.

When this vulnerability is exploited, it can lead to serious consequences for businesses. Since an attacker can create an administrative user, they have complete control over the SAP Java system. They can access confidential information, modify or delete data, and disrupt business operations, leading to financial loss and reputational damage.

Thanks to the pro features of the platform, businesses and individuals can easily and quickly learn about vulnerabilities in their digital assets. By subscribing to the platform, users can receive real-time alerts about new vulnerabilities and detailed risk assessments of their digital assets. This proactive approach to cybersecurity is essential in today's world, where cyberattacks are becoming increasingly sophisticated and frequent.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture