8 matches found
EUVD-2022-29670
Malicious code in bioql PyPI...
CVE-2020-6287
SAP NetWeaver AS JAVA LM Configuration Wizard, versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create ...
SAP NetWeaver Missing Authentication for Critical Function Vulnerability
SAP NetWeaver Application Server Java Platforms contains a missing authentication for critical function vulnerability allowing unauthenticated access to execute configuration tasks and create administrative users...
Acronis: Found multiple SAP NetWeaver vulnerable services
Summary: Hello Team, I found two redapi.acronis.com and redapi2.acronis.com sap Netweaver vulnerable services. They do not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system,...
Authentication flaw
SAP NetWeaver AS JAVA LM Configuration Wizard, versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create ...
CVE-2020-6287
CVE-2020-6287 affects SAP NetWeaver AS JAVA (LM Configuration Wizard) versions 7.30–7.50. The vulnerability is a missing authentication check that allows an unauthenticated attacker to execute configuration tasks and create an administrative user, thereby compromising Confidentiality, Integrity a...
CVE-2020-6287
SAP NetWeaver AS JAVA LM Configuration Wizard, versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create ...
CVE-2020-6287
SAP NetWeaver AS JAVA LM Configuration Wizard, versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create ...