CVE-2020-6287 - SAP NetWeaver Missing Authentication for Critical Function Vulnerability
Project:SAP
Product:NetWeaver
Date Added:2021-11-03Due Date:2022-05-03
Vulnerability Name
SAP NetWeaver Missing Authentication for Critical Function Vulnerability
Description
SAP NetWeaver Application Server Java Platforms contains a missing authentication for critical function vulnerability allowing unauthenticated access to execute configuration tasks and create administrative users.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-6287