EUVD-2020-27413

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Standalone clients on SAP NetWeaver AS Java can bypass authentication due to lack of checks.

Reporter	Title	Published	Views	Family All 7
CNVD	SAP NetWeaver AS Java Authorization Issues Vulnerability	11 Jun 202000:00	–	cnvd
CVE	CVE-2020-6263	10 Jun 202012:44	–	cve
Cvelist	CVE-2020-6263	10 Jun 202012:44	–	cvelist
NVD	CVE-2020-6263	10 Jun 202013:15	–	nvd
OSV	CVE-2020-6263	10 Jun 202013:15	–	osv
Prion	Authentication flaw	10 Jun 202013:15	–	prion
RedhatCVE	CVE-2020-6263	22 May 202517:30	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "dfb8bc59-bd0f-3657-904a-a2404bef2b53",
        "vendor": {
          "name": "SAP SE"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "06c305e6-202c-3360-be7d-1253e7f1e12e",
        "product": {
          "name": "SAP NetWeaver AS Java"
        },
        "product_version": "< 7.10"
      },
      {
        "id": "0f80a5b3-03c7-3000-85e8-d06aba400bb1",
        "product": {
          "name": "SAP NetWeaver AS Java"
        },
        "product_version": "< 7.40"
      },
      {
        "id": "193ff7dc-dd7e-36b4-9be4-4f6f36e47795",
        "product": {
          "name": "SAP NetWeaver AS Java"
        },
        "product_version": "< 7.05"
      },
      {
        "id": "2ad345e7-3bd0-34b5-9e4e-ce8a701e82a9",
        "product": {
          "name": "SAP NetWeaver AS Java"
        },
        "product_version": "< 7.11"
      },
      {
        "id": "30f52964-2da4-30ef-991c-273d5f0fa84a",
        "product": {
          "name": "SAP NetWeaver AS Java"
        },
        "product_version": "< 7.20"
      },
      {
        "id": "50c4c8c4-6ef8-367b-becd-6dd9e4560354",
        "product": {
          "name": "SAP NetWeaver AS Java"
        },
        "product_version": "< 7.50"
      },
      {
        "id": "771866a9-47cf-3b0e-986e-14feb6e83065",
        "product": {
          "name": "SAP NetWeaver AS Java"
        },
        "product_version": "< 7.50 CORE-TOOLS 7.00"
      },
      {
        "id": "7a274790-0690-36e5-8de8-82a45762915b",
        "product": {
          "name": "SAP NetWeaver AS Java"
        },
        "product_version": "< 7.31"
      },
      {
        "id": "8920f7bf-de6b-3e16-8ebe-942b130f4e69",
        "product": {
          "name": "SAP NetWeaver AS Java"
        },
        "product_version": "< SAP-JEECOR 7.00"
      },
      {
        "id": "973baf1b-8cfc-3ab1-96b7-ebdd2bf3eb95",
        "product": {
          "name": "SAP NetWeaver AS Java"
        },
        "product_version": "< 7.01 SERVERCOR 7.10"
      },
      {
        "id": "b39c78ef-a68d-304e-8c04-873ad2dfcc9f",
        "product": {
          "name": "SAP NetWeaver AS Java"
        },
        "product_version": "< 7.30"
      },
      {
        "id": "b8346ff5-0202-3ad0-8dc0-0fb422304b75",
        "product": {
          "name": "SAP NetWeaver AS Java"
        },
        "product_version": "< 7.01"
      },
      {
        "id": "cf3ef381-4d66-3683-bf4d-c3dac72b8289",
        "product": {
          "name": "SAP NetWeaver AS Java"
        },
        "product_version": "< 7.02"
      }
    ]
  }
]

Source	Link
wiki	www.wiki.scn.sap.com/wiki/pages/viewpage.action
launchpad	www.launchpad.support.sap.com/
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

7.2High risk

Vulners AI Score7.2

CVSS 36.9

CVSS 27.5

CVSS 3.19.8

EPSS0.00224