CNVD-2020-38866

Risk Scores

Affected Products

Exploit Intelligence

• https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-6287 (circl)
• https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675 (circl)
• https://launchpad.support.sap.com/#/notes/2934135 (circl)
• https://www.onapsis.com/recon-sap-cyber-security-vulnerability (circl)
• 20210405 Onapsis Security Advisory 2021-0003: [CVE-2020-6287] - [SAP RECON] SAP JAVA: Unauthenticated execution of configuration tasks (circl)
• http://packetstormsecurity.com/files/162085/SAP-JAVA-Configuration-Task-Execution.html (circl)
• CIRCL exploited: CVE-2020-6287 (circl-sighting)
• CIRCL seen: CVE-2020-6287 (circl-sighting)
• CIRCL exploited: CVE-2020-6287 (circl-sighting)
• CIRCL seen: CVE-2020-6287 (circl-sighting)

…and 14 more exploits

Timeline

• Apr 17, 2019 CVE Published
• Jul 23, 2020 PoC Published
• Nov 8, 2021 PoC Published
• Nov 20, 2021 PoC Published
• Nov 14, 2024 PoC Published
• Dec 24, 2024 PoC Published
• Jan 12, 2025 PoC Published
• Jan 26, 2025 PoC Published
• Feb 6, 2025 PoC Published
• Feb 23, 2025 PoC Published
• Feb 23, 2025 PoC Published
• Jun 5, 2025 PoC Published

References

• https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675 url
• https://launchpad.support.sap.com/#/notes/2934135 url
• https://www.onapsis.com/recon-sap-cyber-security-vulnerability url
• 20210405 Onapsis Security Advisory 2021-0003: [CVE-2020-6287] - [SAP RECON] SAP JAVA: Unauthenticated execution of configuration tasks mailing-list
• http://packetstormsecurity.com/files/162085/SAP-JAVA-Configuration-Task-Execution.html url
• https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-6287 url