VDB
CISA-2023-29185
CISA-2023-29185
PUBLISHED
CVSS 5.3 MEDIUM
Reported by sap · Published April 11, 2023
SAP NetWeaver AS for ABAP (Business Server Pages) - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an attacker authenticated as a non-administrative user to craft a request with certain parameters in certain circumstances which can consume the server's resources sufficiently to make it unavailable over the network without any user interaction.
Risk Scores
CVSS 3.1
5.3
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SAP | NetWeaver AS for ABAP (Business Server Pages) | 700, 701, 702 |
| SAP | NetWeaver AS for ABAP (Business Server Pages) | 701, 700, 702 |
Timeline
- Apr 11, 2023 CVE Published
- Feb 7, 2025 CVE Updated