SAP.NetWeaver.LM.Configuration.Wizard.Authentication.Bypass
Description
This indicates an attack attempt to exploit an Authentication Bypass vulnerability in SAP NetWeaver AS Java.
The vulnerability is due to a lack of authentication in the vulnerable component. A remote, unauthenticated attacker could exploit this vulnerability to create admin credentials. Successful exploitation of this vulnerability result in the bypassing of authentication and allows the attacker to perform arbitrary actions with administrative privileges.
Affected Products
SAP NetWeaver AS Java 7.30 to 7.50
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the latest upgrade or patch from the vendor:
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-08-05 | 15.900 | Sig Added |
2020-07-29 | 15.897 | Default_action:pass:drop |
2020-07-20 | 15.889 |