← ExploitWatch
HomeExploited Vulnerabilities

CVE-2020-6287 — Actively Exploited: NetWeaver (SAP)

SAP NetWeaver Application Server Java Platforms contains a missing authentication for critical function vulnerability allowing unauthenticated access to execute configuration tasks and create administrative users.

CVE IDCVE-2020-6287
VendorSAP
ProductNetWeaver
Vulnerability nameSAP NetWeaver Missing Authentication for Critical Function Vulnerability
Date added2021-11-03
Remediation due2022-05-03
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionSAP NetWeaver Application Server Java Platforms contains a missing authentication for critical function vulnerability allowing unauthenticated access to execute configuration tasks and create administrative users.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →