exploitDog

GHSA-qgqm-qrq8-vrcp

Опубликовано: 11 фев. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an attacker could submit multiple HTTP server requests resulting in errors, such that it consumes the memory buffer. This could result in system shutdown rendering the system unavailable.

Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an attacker could submit multiple HTTP server requests resulting in errors, such that it consumes the memory buffer. This could result in system shutdown rendering the system unavailable.

Ссылки

EPSS

Процентиль: 73%

0.00752

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-416

Связанные уязвимости

CVE-2022-22533

CVSS3: 7.5

nvd

почти 4 года назад

Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an attacker could submit multiple HTTP server requests resulting in errors, such that it consumes the memory buffer. This could result in system shutdown rendering the system unavailable.

EPSS

Процентиль: 73%

0.00752

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-416