A critical SAP configuration vulnerability, resulting from not properly installing SAP systems which, if left insecure, could lead to a full system compromise in unprotected environments. The risk, found in SAP Netweaver, the foundation of all SAP deployments, can be compromised by a remote unauthenticated attacker having network access to the system. The Onapsis Research Labs has written a threat report to enable SAP customers to understand the risk and business impact of leaving this configuration insecure. The report outlines methods that an organization can take to configure this system and ensure that it remains secure.”]
Source: https://onapsis.com/blog/beware-silent-threat-insecure-configurations-your-sap-systems