VDB

CISA-2023-29185

CISA-2023-29185 PUBLISHED CVSS 5.3 MEDIUM

Reported by sap · Published April 11, 2023

SAP NetWeaver AS for ABAP (Business Server Pages) - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an attacker authenticated as a non-administrative user to craft a request with certain parameters in certain circumstances which can consume the server's resources sufficiently to make it unavailable over the network without any user interaction.

Risk Scores

CVSS 3.1
5.3
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
SAPNetWeaver AS for ABAP (Business Server Pages)700, 701, 702
SAPNetWeaver AS for ABAP (Business Server Pages)701, 700, 702

Timeline

  • Apr 11, 2023 CVE Published
  • Feb 7, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›