From gbhackers.com
Last Week SAP releases updates to fix critical security vulnerability found in the SAP NetWeaver AS JAVA (LM Configuration Wizard) versions 7.30 to 7.50.The vulnerability can be tracked as CVE-2020-6287 and it is rated with a maximum CVSS score of 10 out of 10.
The RECON vulnerability (short for Remotely Exploitable Code On NetWeaver) is due to a lack of authentication in a web component of the SAP NetWeaver AS for Java that allows high-privileged activities on the vulnerable SAP system.