{"vulnerability": "CVE-2020-6287", "sightings": [{"uuid": "ba762234-02dc-4804-911a-6bdc6d0ba50e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "ea162ad9-46ec-45ce-b386-74e7f24b0f7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:19.000000Z"}, {"uuid": "050c4bf9-5b22-4a0c-a434-8b459725a46f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "seen", "source": "MISP/722e0eaa-e493-4af2-ac19-1387f437d777", "content": "", "creation_timestamp": "2024-11-14T06:07:29.000000Z"}, {"uuid": "039a7c60-de7c-4c3d-a733-4404a633dd51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2970935", "content": "", "creation_timestamp": "2024-12-24T20:21:59.075846Z"}, {"uuid": "ce9b8fe2-c3a0-4951-965d-658e15625eb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-12)", "content": "", "creation_timestamp": "2025-01-12T00:00:00.000000Z"}, {"uuid": "40f6c8c9-82fd-4eaa-9577-093467301dfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "15d30073-e4e7-4fcd-88cc-e3e19dd6937b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "51723c65-84bf-44c5-a68d-de562d299e9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:30.000000Z"}, {"uuid": "ebeecec6-21e9-4621-9a7c-0b3dbc97415e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:49.000000Z"}, {"uuid": "7132368e-ec4e-426f-8589-bd5428ec9a71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-25)", "content": "", "creation_timestamp": "2025-10-25T00:00:00.000000Z"}, {"uuid": "de96de59-0d3c-4eb2-938e-adf2e29a29f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-05)", "content": "", "creation_timestamp": "2025-06-05T00:00:00.000000Z"}, {"uuid": "648fdd57-3c51-4583-a47f-54a39944d822", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/sap/cve_2020_6287_ws_add_user.rb", "content": "", "creation_timestamp": "2020-07-23T16:31:56.000000Z"}, {"uuid": "24f5228a-117c-4be3-b2c4-221e691a3725", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-30)", "content": "", "creation_timestamp": "2025-11-30T00:00:00.000000Z"}, {"uuid": "4969cdd3-dd4d-4c90-85bb-59ba8da48812", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:56.000000Z"}, {"uuid": "df6dd830-e7da-47fd-a8dc-b587b2f9ce44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-18)", "content": "", "creation_timestamp": "2025-12-18T00:00:00.000000Z"}, {"uuid": "31060ea5-94dc-4b15-b28d-690092b392d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-16)", "content": "", "creation_timestamp": "2026-01-16T00:00:00.000000Z"}, {"uuid": "a7b7aff9-c276-4c97-b30a-b0c759608936", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-20)", "content": "", "creation_timestamp": "2026-02-20T00:00:00.000000Z"}, {"uuid": "93ad8a07-8530-4104-85e1-70516710bcfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "published-proof-of-concept", "source": "https://t.me/cKure/1385", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 #1day: CVE-2020-6287 SAP RCE. Creating user.\n\nhttps://github.com/duc-nt/CVE-2020-6287-exploit | #ZeroDay", "creation_timestamp": "2020-07-21T03:41:14.000000Z"}, {"uuid": "fe6eab82-1e31-4ec3-b428-c045ee727747", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2020-6287", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/1b65712f-04b3-4102-a45a-a3dd5714866e", "content": "", "creation_timestamp": "2026-02-02T12:29:02.209299Z"}, {"uuid": "30e1627c-564d-46af-a71d-01e6fe158fb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "seen", "source": "https://t.me/cKure/1274", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 \ud83d\udce2 CVE-2020-6287 Advisory: https://us-cert.cisa.gov/ncas/alerts/aa20-195a", "creation_timestamp": "2020-07-14T08:44:29.000000Z"}, {"uuid": "cc6e25ca-eb61-4ba7-8b33-8b58a9c124e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "published-proof-of-concept", "source": "https://t.me/Yemen_Shield/80", "content": "A newly disclosed highly-critical vulnerability (CVE-2020-6287 with CVSS score 10 out of 10) residing in SAP's Java-based solutions could let attackers compromise affected corporate servers.\n\nhttps://thehackernews.com/2020/07/sap-netweaver-vulnerability.html\n\nPatches are now available.", "creation_timestamp": "2020-07-14T19:42:12.000000Z"}, {"uuid": "358d860f-8ba5-427d-a6a5-d5b63007036a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "seen", "source": "https://t.me/arpsyndicate/1906", "content": "#ExploitObserverAlert\n\nCVE-2020-6287\n\nDESCRIPTION: Exploit Observer has 45 entries related to CVE-2020-6287. SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system, leading to Missing Authentication Check.\n\nFIRST-EPSS: 0.972740000\nNVD-IS: 6.0\nNVD-ES: 3.9", "creation_timestamp": "2023-12-18T03:55:45.000000Z"}, {"uuid": "1d5a50b0-a4f0-4af6-9bb7-7980186583c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "seen", "source": "https://t.me/CyberGovIL/791", "content": "\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05d1\u05e9\u05e8\u05ea\u05d9 \u05d9\u05d9\u05e9\u05d5\u05de\u05d9\u05dd \u05e9\u05dc SAP | 98417\n\n1.   \u05d1\u05de\u05e1\u05d2\u05e8\u05ea \u05e2\u05d3\u05db\u05d5\u05df \u05d4\u05d0\u05d1\u05d8\u05d7\u05d4 \u05d4\u05d7\u05d5\u05d3\u05e9\u05d9 \u05e9\u05dc\u05d4 (SAP Security Patch Day), \u05d7\u05e9\u05e4\u05d4 \u05d7\u05d1\u05e8\u05ea SAP \u05db\u05d9 \u05e7\u05d9\u05d9\u05de\u05ea \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea (CVE-2020-6287) \u05d4\u05de\u05e9\u05e4\u05d9\u05e2\u05d4 \u05e2\u05dc \u05d0\u05e9\u05e3 \u05e7\u05d1\u05d9\u05e2\u05ea \u05d4\u05ea\u05e6\u05d5\u05e8\u05d4 \u05e9\u05dc \u05e9\u05e8\u05ea\u05d9 \u05d4\u05d9\u05d9\u05e9\u05d5\u05de\u05d9\u05dd (AS) NetWeaver \u05e9\u05dc \u05d4\u05d7\u05d1\u05e8\u05d4.\n\n2.   \u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e2\u05dc\u05d5\u05dc\u05d4 \u05dc\u05d0\u05e4\u05e9\u05e8 \u05dc\u05ea\u05d5\u05e7\u05e3 \u05dc\u05d4\u05e9\u05ea\u05dc\u05d8 \u05e2\u05dc \u05d9\u05d9\u05e9\u05d5\u05de\u05d9 SAP \u05d1\u05d0\u05de\u05e6\u05e2\u05d5\u05ea \u05e4\u05e8\u05d5\u05d8\u05d5\u05e7\u05d5\u05dc HTTP, \u05dc\u05dc\u05d0 \u05e6\u05d5\u05e8\u05da \u05d1\u05d4\u05d6\u05d3\u05d4\u05d5\u05ea.\n\n3.   \u05d1\u05e9\u05dc \u05d4\u05e7\u05e8\u05d9\u05d8\u05d9\u05d5\u05ea \u05e9\u05dc \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05d5\u05d7\u05e9\u05d9\u05d1\u05d5\u05ea\u05dd \u05e9\u05dc \u05d4\u05d9\u05d9\u05e9\u05d5\u05de\u05d9\u05dd \u05d4\u05e2\u05e1\u05e7\u05d9\u05d9\u05dd \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea SAP, \u05d4\u05e1\u05d5\u05db\u05e0\u05d5\u05ea \u05dc\u05d0\u05d1\u05d8\u05d7\u05ea \u05e1\u05d9\u05d9\u05d1\u05e8 \u05d5\u05ea\u05e9\u05ea\u05d9\u05d5\u05ea \u05e9\u05dc \u05d0\u05e8\u05e6\u05d5\u05ea \u05d4\u05d1\u05e8\u05d9\u05ea (CISA) \u05de\u05de\u05dc\u05d9\u05e6\u05d4 \u05dc\u05d0\u05e8\u05d2\u05d5\u05e0\u05d9\u05dd \u05dc\u05d4\u05ea\u05e7\u05d9\u05df \u05d0\u05ea \u05e2\u05d3\u05db\u05d5\u05df \u05d4\u05d0\u05d1\u05d8\u05d7\u05d4 \u05e9\u05e4\u05e8\u05e1\u05de\u05d4 \u05d4\u05d7\u05d1\u05e8\u05d4 \u05d1\u05d0\u05d5\u05e4\u05df \u05de\u05d9\u05d3\u05d9.", "creation_timestamp": "2020-07-14T18:09:32.000000Z"}, {"uuid": "5c49aa0b-3703-4708-a53f-8be6df23b248", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "seen", "source": "Telegram/Mi5tU5PQUOx2sFJfTdNYRjBK1xPZpEd2hna7UQyoVap6RGax", "content": "", "creation_timestamp": "2025-01-30T02:17:48.000000Z"}, {"uuid": "3fa95d68-e912-48ba-8961-03e032ffab51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "published-proof-of-concept", "source": "Telegram/lWAGv8YDI46dFjjFFY_QXPPwmkKa6QIojZ6ZnkxuW1UDxw", "content": "", "creation_timestamp": "2020-07-16T19:08:39.000000Z"}, {"uuid": "02b6eeb4-0670-4f16-a166-7ce72ccd67a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "published-proof-of-concept", "source": "Telegram/6y4fLpgiM5MlqlSZhH92OB8LlrFSPfCNyXjS3agwekTN1g", "content": "", "creation_timestamp": "2020-07-30T13:18:50.000000Z"}, {"uuid": "56463633-df40-4b58-a968-eb9062a94592", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "exploited", "source": "https://t.me/information_security_channel/39176", "content": "SAP released updates for critical security vulnerability found in the SAP NetWeaver AS JAVA (LM Configuration Wizard) versions 7.30 to 7.50. The vulnerability can be tracked as CVE-2020-6287 and it is rated with a maximum CVSS score of 10 out of 10. The RECON (short for Remotely Exploitable Code On NetWeaver) was found by Onapsis [\u2026]\nThe post Critical SAP Recon Vulnerability Affecting Over 40,000 Customers (https://gbhackers.com/sap-recon-vulnerability/) appeared first on GBHackers On Security (https://gbhackers.com/).", "creation_timestamp": "2020-07-14T14:42:55.000000Z"}, {"uuid": "838c34d1-4f34-44ad-b1b3-79ac3146d738", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "exploited", "source": "https://t.me/true_secator/817", "content": "Bad Packets \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0440\u0430\u0434\u043e\u0432\u0430\u0442\u044c \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u043c\u0438 \u0438 \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u043c\u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u044f\u043c\u0438.\n\n\u0412\u0447\u0435\u0440\u0430 \u043e\u043d\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0435 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0435\u0442\u0438 \u0441 \u0444\u0440\u0430\u043d\u0446\u0443\u0437\u0441\u043a\u043e\u0433\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0430 \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0434\u043b\u044f CVE-2020-6287 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0441 SAP NetWeaver. \u041e\u043f\u044f\u0442\u044c \u0442\u0430\u043a\u0438 \u043a\u0442\u043e-\u0442\u043e \u0431\u0443\u0434\u0435\u0442 \u043b\u043e\u043c\u0430\u0442\u044c.\n\n\u041d\u0430\u043f\u043e\u043c\u043d\u0438\u043c, \u0447\u0442\u043e \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u0430\u044f \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 RECON, \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 SAP NetWeaver AS \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0441 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439 SAP.\n\nSAP \u0437\u0430\u043a\u0440\u044b\u043b\u0430 \u0434\u0430\u043d\u043d\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 \u0432 \u0438\u044e\u043b\u044c\u0441\u043a\u043e\u043c \u043f\u0430\u0442\u0447\u0435. \u041d\u043e, \u043a\u0430\u043a \u0432\u0441\u0435\u0433\u0434\u0430, \u043d\u0430\u0432\u0435\u0440\u043d\u044f\u043a\u0430 \u043d\u0430\u0439\u0434\u0443\u0442\u0441\u044f \"\u0442\u0430\u043b\u0430\u043d\u0442\u043b\u0438\u0432\u044b\u0435\" \u043b\u044e\u0434\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0438\u0441\u044c. \u0410 \u043f\u043e\u0442\u043e\u043c \u0431\u0443\u0434\u0443\u0442 \u043a\u0440\u0438\u043a\u0438 \"\u043a\u0430\u0440\u0430\u0443\u043b, \u0443 \u043c\u0435\u043d\u044f \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0446\u0438\u044e \u0443\u043a\u0440\u0430\u043b\u0438\".", "creation_timestamp": "2020-08-05T14:13:11.000000Z"}, {"uuid": "ea4cf7e9-71ba-483e-8584-87eca20dd1d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "published-proof-of-concept", "source": "https://t.me/xakep_ru/9421", "content": "\u0414\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 RECON \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\n\n\u041d\u0430 GitHub \u0443\u0436\u0435 \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f \u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 RECON (CVE-2020-6287), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0443\u0433\u0440\u043e\u0437\u0443 \u0434\u043b\u044f \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0430 SAP-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439.\n\nhttps://xakep.ru/2020/07/16/recon-poc/", "creation_timestamp": "2020-07-16T13:00:14.000000Z"}, {"uuid": "8939f62c-ed72-4b37-80de-2631f6e3c7cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "exploited", "source": "https://t.me/information_security_channel/39304", "content": "Last Week SAP releases updates to fix critical security vulnerability found in the SAP NetWeaver AS JAVA (LM Configuration Wizard) versions 7.30 to 7.50. The vulnerability can be tracked as CVE-2020-6287 and it is rated with a maximum CVSS score of 10 out of 10. The RECON vulnerability (short for Remotely Exploitable Code On NetWeaver) [\u2026]\nThe post Hackers Massively Scanning for SAP Recon Vulnerability (https://gbhackers.com/scans-sap-recon-vulnerability/) appeared first on GBHackers On Security (https://gbhackers.com/).", "creation_timestamp": "2020-07-19T08:22:31.000000Z"}, {"uuid": "52ae456d-ecae-4083-ad7f-8a94ec5ea656", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "seen", "source": "https://t.me/thehackernews/759", "content": "A newly disclosed highly-critical vulnerability (CVE-2020-6287 with CVSS score 10 out of 10) residing in SAP's Java-based solutions could let attackers compromise affected corporate servers.\n\nhttps://thehackernews.com/2020/07/sap-netweaver-vulnerability.html\n\nPatches are now available.", "creation_timestamp": "2020-07-14T09:24:21.000000Z"}, {"uuid": "8554c8d8-9e36-4345-aad2-dd3647811474", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1431", "content": "#exploit\nCVE-2020-6287,\nCVE-2020-6286:\nSAP NetWeaver Application Server Java component LM Configuration Wizard RECON vulnerability\nhttps://github.com/chipik/SAP_RECON\n]-> SAP RCE Exploit:\nhttps://github.com/duc-nt/CVE-2020-6287-exploit\n]-> Technical Details:\nhttps://us-cert.cisa.gov/ncas/alerts/aa20-195a", "creation_timestamp": "2024-11-02T15:59:08.000000Z"}, {"uuid": "aee6f7db-eaca-4de9-94f6-eda05acf344f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "published-proof-of-concept", "source": "https://t.me/SecLabNews/8103", "content": "\u0421\u043f\u0443\u0441\u0442\u044f \u0432\u0441\u0435\u0433\u043e \u0434\u0432\u0430 \u0434\u043d\u044f \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u0445\u043e\u0434\u0430 \u043f\u0430\u0442\u0447\u0430 \u0434\u043b\u044f \u0447\u0440\u0435\u0437\u0432\u044b\u0447\u0430\u0439\u043d\u043e \u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c \u041f\u041e SAP \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2020-6287, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 RECON, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442   \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438.    \n\u0414\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 SAP \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442", "creation_timestamp": "2020-07-22T08:28:06.000000Z"}, {"uuid": "6d18f191-17d1-4589-88be-249610cd877c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6287", "type": "seen", "source": "https://t.me/SecLabNews/8074", "content": "\u041a\u0440\u0443\u043f\u043d\u044b\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u041f\u041e SAP \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 \u043e\u043f\u0430\u0441\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0443\u044e \u0431\u043e\u043b\u044c\u0448\u0443\u044e \u0447\u0430\u0441\u0442\u044c \u0435\u0433\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432. \u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Onapsis, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2020-6287, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 RECON, \u0434\u0435\u043b\u0430\u0435\u0442 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u043a \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0435. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Onapsis \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0432 \u043c\u0430\u0435 \u043d\u044b\u043d\u0435\u0448\u043d\u0435\u0433\u043e \u0433\u043e\u0434\u0430 \u0438 \u0432 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u043c \u043f\u043e\u0440\u044f\u0434\u043a\u0435 \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0438 \u043e \u043d\u0435\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f.     \n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 SAP \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u0445\u0438\u0449\u0430\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439", "creation_timestamp": "2020-07-30T07:57:02.000000Z"}]}