CVE-2020-6287

Description from NVD

SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system, leading to Missing Authentication Check.

Information Acquisition Date:2021-04-27T10:48Z

CVSS 2.0: 10.0 HIGH CVSS 3.x: 10.0 CRITICAL

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector (AV)	Network	Adjacent	Local	Physical
Attack Complexity (AC)	LOW	High
Privileges Required (PR)	None	Low	High
User Interaction (UI)	None	Required
Scope (S)	Unchanged	Changed
Confidentiality (C)	None	Low	High
Integrity (I)	None	Low	High
Availability (A)	None	Low	High

▼ CVSS2 Vec AV:N/AC:L/Au:N/C:C/I:C/A:C

Attack Vector (AV)	Network	Adjacent	Local
Access Complexity (AC)	Low	Medium	High
Authentication (Au)	None	Single	Multiple
Confidentiality (C)	None	Partial	Complete
Integrity (I)	None	Partial	Complete
Availability (A)	None	Partial	Complete

NVD References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675
source:MISC
tags:Vendor Advisory

https://launchpad.support.sap.com/#/notes/2934135
source:MISC
tags:Permissions Required Vendor Advisory

https://www.onapsis.com/recon-sap-cyber-security-vulnerability
source:MISC
tags:

20210405 Onapsis Security Advisory 2021-0003: [CVE-2020-6287] - [SAP RECON] SAP JAVA: Unauthenticated execution of configuration tasks
source:FULLDISC
tags:

http://packetstormsecurity.com/files/162085/SAP-JAVA-Configuration-Task-Execution.html
source:MISC
tags:

Description from Forti

SAP NetWeaver LM Configuration Wizard Authentication Bypass

This indicates an attack attempt to exploit an Authentication Bypass vulnerability in SAP NetWeaver AS Java.The vulnerability is due to a lack of authentication in the vulnerable component. A remote, unauthenticated attacker could exploit this vulnerability to create admin credentials. Successful exploitation of this vulnerability result in the bypassing of authentication and allows the attacker to perform arbitrary actions with administrative privileges.

Information Acquisition Date:2020/08/01

Affected Products

SAP NetWeaver AS Java 7.30 to 7.50

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the latest upgrade or patch from the vendor:
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675

References

Refer to Information on External Sites

CVE Infomation	Exploits or more Infomation
mitre	EXPLOIT DATABASE
NVD	0day.today
vulmon.com	github
CVE Details	Twitter
JVN ENG JPN
Reconshell

Software Tag:

List of frequently cited URLs

URL	Num of Times Referred to
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...	264
https://lists.astaro.com/ASGV9-IPS-rules.html	24
https://us-cert.cisa.gov/ncas/alerts/aa20-195a	7
https://www.jpcert.or.jp/newsflash/2020071401.html	7
https://www.helpnetsecurity.com/2020/07/14/cve-2020-6287/	6
https://github.com/chipik/SAP_RECON	5
https://ift.tt/3eqq3uo	4
https://vicxer.com/events/2020/cve-2020-6287.html	4
https://threatpost.com/critical-sap-bug-enterprise-system-t...	4
https://www.tenable.com/blog/cve-2020-6287-critical-vulnera...	4
https://twitter.com/autumn_good_35/status/1282870317178736641	3
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=...	3
https://thehackernews.com/2020/07/sap-netweaver-vulnerabili...	3
https://reportcybercrime.com/cve-2020-6287	3
https://ipssignatures.appspot.com/?cve=CVE-2020-6287	3

Information from Twitter

User	URL	Info Source	Date
malwrhunterteam	https://twitter.com/malwrhunterteam/status/1575210752528764...	Source malwrhunterteam 1575210752528764928	2022/09/29
CVEtrends	https://cvetrends.com	Source CVEtrends 1575470458610270212	2022/09/29

List of frequently cited URLs

URL	Num of Times Referred to
alerts.vulmon.com	264
lists.astaro.com	24
us-cert.cisa.gov	7
www.jpcert.or.jp	7
www.helpnetsecurity.com	6
github.com	5
ift.tt	4
vicxer.com	4
threatpost.com	4
www.tenable.com	4
twitter.com	3
wiki.scn.sap.com	3
thehackernews.com	3
reportcybercrime.com	3
ipssignatures.appspot.com	3

Information from Twitter

User	URL	Info Source
malwrhunterteam	twitter.com	Show Tweet
CVEtrends	cvetrends.com	Show Tweet

GitHub Search Results: Up to 10

Name	URL
chipik/SAP_RECON	https://github.com/chipik/SAP_RECON
duc-nt/CVE-2020-6287-exploit	https://github.com/duc-nt/CVE-2020-6287-exploit
Onapsis/CVE-2020-6287_RECON-scanner	https://github.com/Onapsis/CVE-2020-6287_RECON-scanner
murataydemir/CVE-2020-6287	https://github.com/murataydemir/CVE-2020-6287
ynsmroztas/CVE-2020-6287-Sap-Add-User	https://github.com/ynsmroztas/CVE-2020-6287-Sap-Add-User

GitHub Search Results: Up to 10

Name	URL
chipik/SAP_RECON	github.com
duc-nt/CVE-2020-6287-exploit	github.com
Onapsis/CVE-2020-6287_RECON-scanner	github.com
murataydemir/CVE-2020-6287	github.com
ynsmroztas/CVE-2020-6287-Sap-Add-User	github.com

2022/09/29 Score : 0
Added Har-sia Database : 2020/07/14
Last Modified : 2022/09/29
Highest Scored Date : 2020/07/14
Highest Score : 58