CVE-2020-6287: SAP NetWeaver AS JAVA Vulnerability Alert
Recently, SAP officially released a risk notification for high-risk vulnerability caused by the lack of identity authentication in SAP NetWeaver. The vulnerability number is CVE-2020-6287, and the vulnerability level is high-risk. SAP NetWeaver is SAP’s integrated technology platform and the technical foundation of all SAP applications since SAP Business Suite. SAP NetWeaver is a service-oriented application and integration platform that provides a development and running environment for SAP applications, and can also be used for custom development and integration with other applications and systems.
Affect version
- SAP NetWeaver:7.30, 7.31, 7.40, 7.50
Among the potentially affected SAP solutions include
- SAP Enterprise Resource Planning
- SAP Product Lifecycle Management
- SAP Customer Relationship Management
- SAP Supply Chain Management
- SAP Supplier Relationship Management
- SAP NetWeaver Business Warehouse
- SAP Business Intelligence
- SAP NetWeaver Mobile Infrastructure
- SAP Enterprise Portal
- SAP Process Orchestration/Process Integration
- SAP Solution Manager
- SAP NetWeaver Development Infrastructure
- SAP Central Process Scheduling
- SAP NetWeaver Composition Environment
- SAP Landscape Manager