Sign in

back to article So kind of SAP NetWeaver to hand out admin accounts to anyone who can reach it. You'll want to patch this

SAP customers should update their installations to close a security vulnerability that can be exploited to commandeer the software by anyone who can reach it. Dubbed RECON, aka Remotely Exploitable Code On NetWeaver, by its discoverers, security shop Onapsis, the bug in SAP's NetWeaver AS JAVA (LM Configuration Wizard) allows …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. logicalextreme

    As much as I'd love to snark about SAP

    they confirmed the bug the same day and got a patch ready within two weeks without the discoverer having to do anything stupid (we assume). I'm used to seeing vuln disclosures go the other way as of late.

    7 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022

Do not sell my personal information Cookies Privacy Ts&Cs