CVE-2020-6263

Standalone clients connecting to SAP NetWeaver AS Java via P4 Protocol, versions (SAP-JEECOR 7.00, 7.01; SERVERCOR 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; CORE-TOOLS 7.00, 7.01, 7.02, 7.05, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50) do not perform any authentication checks for operations that require user identity leading to Authentication Bypass.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sap:netweaver_application_server_java:7.00:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_application_server_java:7.01:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_application_server_java:7.02:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_application_server_java:7.05:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_application_server_java:7.11:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*

Information

Published : 2020-06-10 06:15

Updated : 2021-07-21 04:39


NVD link : CVE-2020-6263

Mitre link : CVE-2020-6263


JSON object : View

CWE
CWE-306

Missing Authentication for Critical Function

Advertisement

dedicated server usa

Products Affected

sap

  • netweaver_application_server_java