3 matches found
SAP NetWeaver AS JAVA Path Traversal Vulnerability
SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A path traversal vulnerability exists in SAP Netweaver AS JAVA LM Configuration Wizard versions 7.30, 7.31, 7.40...
Path traversal
The insufficient input path validation of certain parameter in the web service of SAP NetWeaver AS JAVA LM Configuration Wizard, versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to exploit a method to download zip files to a specific directory, leading to Path Traversal...
CVE-2020-6287: Critical Vulnerability in SAP NetWeaver Application Server (AS) Java
SAP NetWeaver AS JAVA LM Configuration Wizard, versions – 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create ...