You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2020-6287
About this tag
CVE-2020-6287 is a critical vulnerability in SAP NetWeaver Application Server (AS) Java, specifically in the LM Configuration Wizard component. An unauthenticated attacker can exploit it via HTTP to take control of trusted SAP applications. The Cybersecurity and Infrastructure Security Agency (CISA) strongly recommends immediate patching due to the severity and attack surface. On WindowsForum.com, discussions focus on the vulnerability details, CISA advisory AA20-195A, and mitigation steps for enterprise IT environments using SAP systems.
Original release date: July 13, 2020
Summary
On July 13, 2020 EST, SAP released a Link Removed to address a critical vulnerability, Link Removed, affecting the SAP NetWeaver Application Server (AS) Java component LM Configuration Wizard. An unauthenticated attacker can exploit this...