CVE-2020-6263

🗓️ 10 Jun 2020 12:44:43Reported by sapType

Stand-alone clients in SAP NetWeaver AS Java via P4 Protocol vulnerable to Authentication Bypas

Reporter	Title	Published	Views	Family All 7
CNVD	SAP NetWeaver AS Java Authorization Issues Vulnerability	11 Jun 202000:00	–	cnvd
CVE	CVE-2020-6263	10 Jun 202012:44	–	cve
EUVD	EUVD-2020-27413	7 Oct 202500:30	–	euvd
NVD	CVE-2020-6263	10 Jun 202013:15	–	nvd
OSV	CVE-2020-6263	10 Jun 202013:15	–	osv
Prion	Authentication flaw	10 Jun 202013:15	–	prion
RedhatCVE	CVE-2020-6263	22 May 202517:30	–	redhatcve

[
  {
    "product": "SAP NetWeaver AS JAVA",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< SAP-JEECOR 7.00"
      },
      {
        "status": "affected",
        "version": "< 7.01 SERVERCOR 7.10"
      },
      {
        "status": "affected",
        "version": "< 7.11"
      },
      {
        "status": "affected",
        "version": "< 7.20"
      },
      {
        "status": "affected",
        "version": "< 7.30"
      },
      {
        "status": "affected",
        "version": "< 7.31"
      },
      {
        "status": "affected",
        "version": "< 7.40"
      },
      {
        "status": "affected",
        "version": "< 7.50 CORE-TOOLS 7.00"
      },
      {
        "status": "affected",
        "version": "< 7.01"
      },
      {
        "status": "affected",
        "version": "< 7.02"
      },
      {
        "status": "affected",
        "version": "< 7.05"
      },
      {
        "status": "affected",
        "version": "< 7.10"
      },
      {
        "status": "affected",
        "version": "< 7.50"
      }
    ]
  }
]

Source	Link
launchpad	www.launchpad.support.sap.com/
wiki	www.wiki.scn.sap.com/wiki/pages/viewpage.action

10 Jun 2020 12:44Current

9.7High risk

Vulners AI Score9.7

CVSS 36.9

EPSS0.00224