back to article So kind of SAP NetWeaver to hand out admin accounts to anyone who can reach it. You'll want to patch this

SAP customers should update their installations to close a security vulnerability that can be exploited to commandeer the software by anyone who can reach it. Dubbed RECON, aka Remotely Exploitable Code On NetWeaver, by its discoverers, security shop Onapsis, the bug in SAP's NetWeaver AS JAVA (LM Configuration Wizard) allows …

  1. logicalextreme

    As much as I'd love to snark about SAP

    they confirmed the bug the same day and got a patch ready within two weeks without the discoverer having to do anything stupid (we assume). I'm used to seeing vuln disclosures go the other way as of late.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022