Unrestricted File Upload Vulnerability in SAP NetWeaver by SAP

CVE-2020-6293

What is CVE-2020-6293?

SAP NetWeaver (Knowledge Management) versions 7.30, 7.31, 7.40, and 7.50 contain a vulnerability that allows unauthenticated attackers to upload malicious files to the server. This can lead to unauthorized access or modification of existing files. While the impact is primarily limited to the files themselves, it remains constrained by existing policies like access control lists and upload file size restrictions. Consequently, this risk highlights the need for robust security measures around file handling and upload functionalities to mitigate potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References