An authentication bypass vulnerability exists in SAP NetWeaver AS JAVA (LM Configuration Wizard) due to insufficient authentication checks. An unauthenticated, remote attacker can exploit this by executing configuration tasks that perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system.
Binary data sap_nw_cve-2020-6287.nbin
Vendor | Product | Version |
---|---|---|
sap | netweaver_application_server |