⚠ Actively exploited
Added to CISA KEV on 2021-11-03. Federal agencies were required to patch by 2022-05-03. Required action: apply updates per vendor instructions.
Severity: 10.0 CRITICAL
EPSS: 94.4% (top 0.04% of all scored CVEs)
CISA KEV: added 2021-11-03, due 2022-05-03
Exploit: exploited in the wild, active exploitation observed
Timeline: published 2020-07-14; KEV added 2021-11-03; KEV due 2022-05-03; latest update May 24

Description

SAP NetWeaver AS JAVA (LM Configuration Wizard), versions 7.30, 7.31, 7.40 and 7.50, does not perform an authentication check. An attacker without prior authentication can therefore execute configuration tasks and perform critical actions against the SAP Java system, including creating an administrative user, compromising the confidentiality, integrity and availability of the system. Weakness class: Missing Authentication Check (CWE-306, Missing Authentication for Critical Function).

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Exploitability subscore: 3.9 | Impact subscore: 6.0

Affected Packages: 2 packages

🔴Vulnerability Details (3)

GHSA: GHSA-676j-vqr4-6w3h (2022-05-24)
CVE List: CVE-2020-6287 (published 2020-07-14)
VulnCheck: SAP NetWeaver Missing Authentication for Critical Function Vulnerability (2020)

💥Exploits & PoCs (3)

Exploit-DB: Rejetto HttpFileServer 2.3.x - Remote Command Execution (3) (2020-11-30). Note: this entry concerns Rejetto HTTP File Server (CVE-2014-6287), not SAP NetWeaver; it is an aggregator cross-reference error and is not a PoC for CVE-2020-6287.
Nuclei: SAP NetWeaver Security Checks
Nuclei: SAP NetWeaver AS JAVA 7.30-7.50 - Remote Admin Addition

🔍Detection Rules (5)

Suricata (Emerging Threats), 2020-07-22:
ET EXPLOIT Possible SAP NetWeaver CVE-2020-6287 Vulnerable Response
ET EXPLOIT Possible SAP NetWeaver CVE-2020-6287 Exploit Success
ET EXPLOIT Possible SAP NetWeaver CVE-2020-6287 Probe
ET EXPLOIT Possible SAP NetWeaver CVE-2020-6287 Exploit Attempt
Suricata (Emerging Threats), 2020-07-16:
ET USER_AGENTS SAP CVE-2020-6287 PoC UA Observed

📋Vendor Advisories (1)

CISA: SAP NetWeaver Missing Authentication for Critical Function Vulnerability (2021-11-03)

💬Community (1)

HackerOne: CVE-2020-6287 https://redapi2.acronis.com (2021-02-16)

CVE-2020-6287 (CRITICAL, CVSS 10.0) | SAP NetWeaver AS JAVA (LM Configuration Wizard) | cvebase.io