Description
SAP NetWeaver AS JAVA (LM Configuration Wizard) does not perform an authentication check which allows an attacker to execute configuration tasks to perform critical actions against the SAP Java system.
Remediation
Install SAP security patches #2934135, #2939665.
References
Related Vulnerabilities
Moodle Improper Authentication Vulnerability (CVE-2013-2245)
Moodle Improper Authentication Vulnerability (CVE-2011-4590)
Docker Registry API is accessible without authentication
Oracle Database Server Improper Authentication Vulnerability (CVE-2012-3137)
Drupal Improper Authentication Vulnerability (CVE-2010-3685)