logo
DATABASE RESOURCES PRICING ABOUT US

SAP NetWeaver : Authentication Bypass (CVE-2020-6287) (Direct Check)

Description

An authentication bypass vulnerability exists in SAP NetWeaver AS JAVA (LM Configuration Wizard) due to insufficient authentication checks. An unauthenticated, remote attacker can exploit this by executing configuration tasks that perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system.


Related