CVE-2020-6287

Description from NVD

SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system, leading to Missing Authentication Check.

Information Acquisition Date: 2021-04-27T10:48Z
CVSS 2.0: 10.0 HIGH
CVSS 3.x: 10.0 CRITICAL

CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CVSS2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

NVD References

 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675
     source:MISC
     tags:Vendor Advisory    
 https://launchpad.support.sap.com/#/notes/2934135
     source:MISC
     tags:Permissions Required    Vendor Advisory    
 https://www.onapsis.com/recon-sap-cyber-security-vulnerability
     source:MISC
     tags:
 20210405 Onapsis Security Advisory 2021-0003: [CVE-2020-6287] - [SAP RECON] SAP JAVA: Unauthenticated execution of configuration tasks
     source:FULLDISC
     tags:
 http://packetstormsecurity.com/files/162085/SAP-JAVA-Configuration-Task-Execution.html
     source:MISC
     tags:

Description from Forti

SAP NetWeaver LM Configuration Wizard Authentication Bypass

This indicates an attack attempt to exploit an Authentication Bypass vulnerability in SAP NetWeaver AS Java. The vulnerability is due to a lack of authentication in the vulnerable component. A remote, unauthenticated attacker could exploit this vulnerability to create admin credentials. Successful exploitation of this vulnerability results in the bypassing of authentication and allows the attacker to perform arbitrary actions with administrative privileges.

Information Acquisition Date: 2020/08/01

Affected Products

SAP NetWeaver AS Java 7.30 to 7.50

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the latest upgrade or patch from the vendor:
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675

List of frequently cited URLs

URL    Num of Times Referred to
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...    264
https://lists.astaro.com/ASGV9-IPS-rules.html    24
https://us-cert.cisa.gov/ncas/alerts/aa20-195a    7
https://www.jpcert.or.jp/newsflash/2020071401.html    7
https://www.helpnetsecurity.com/2020/07/14/cve-2020-6287/    6
https://github.com/chipik/SAP_RECON    5
https://ift.tt/3eqq3uo    4
https://vicxer.com/events/2020/cve-2020-6287.html    4
https://threatpost.com/critical-sap-bug-enterprise-system-t...    4
https://www.tenable.com/blog/cve-2020-6287-critical-vulnera...    4
https://twitter.com/autumn_good_35/status/1282870317178736641    3
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=...    3
https://thehackernews.com/2020/07/sap-netweaver-vulnerabili...    3
https://reportcybercrime.com/cve-2020-6287    3
https://ipssignatures.appspot.com/?cve=CVE-2020-6287    3

Information from Twitter

User URL Info Source Date
malwrhunterteam https://twitter.com/malwrhunterteam/status/1575210752528764... Source malwrhunterteam 1575210752528764928 2022/09/29
CVEtrends https://cvetrends.com Source CVEtrends 1575470458610270212 2022/09/29

GitHub Search Results: Up to 10
Name URL
chipik/SAP_RECON https://github.com/chipik/SAP_RECON
duc-nt/CVE-2020-6287-exploit https://github.com/duc-nt/CVE-2020-6287-exploit
Onapsis/CVE-2020-6287_RECON-scanner https://github.com/Onapsis/CVE-2020-6287_RECON-scanner
murataydemir/CVE-2020-6287 https://github.com/murataydemir/CVE-2020-6287
ynsmroztas/CVE-2020-6287-Sap-Add-User https://github.com/ynsmroztas/CVE-2020-6287-Sap-Add-User

2022/09/29 Score : 0
Added Har-sia Database : 2020/07/14
Last Modified : 2022/09/29
Highest Scored Date : 2020/07/14
Highest Score : 58