Unauthenticated Configuration Task Execution in SAP NetWeaver AS JAVA
CVE-2020-6287

10CRITICAL

Key Information:

Vendor: SAP
Status: SAP Netweaver As Java (lm Configuration Wizard)
Vendor: CVE Published:; 14 July 2020

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 94%🦅 CISA Reported

Summary

SAP NetWeaver AS JAVA versions 7.30, 7.31, 7.40, and 7.50 are affected by a vulnerability that does not enforce authentication checks for executing configuration tasks. This flaw allows unauthorized attackers to perform critical actions on the SAP Java system, such as creating administrative users. The absence of appropriate authentication measures compromises the confidentiality, integrity, and availability of the system, posing significant security risks.

CISA Reported

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace

The CISA's recommendation is: Apply updates per vendor instructions.

Affected Version(s)

SAP NetWeaver AS JAVA (LM Configuration Wizard) < 7.30 < 7.30

SAP NetWeaver AS JAVA (LM Configuration Wizard) < 7.31 < 7.31

SAP NetWeaver AS JAVA (LM Configuration Wizard) < 7.40 < 7.40

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

SAP_RECON
Created by chipik

CVE-2020-6287_RECON-scanner
Created by Onapsis

CVE-2020-6287
Created by murataydemir