Описание
Internet Communication Manager (aka ICMAN.exe or ICM) in SAP NetWeaver Application Server 6.x and 7.x, possibly only on Windows, allows remote attackers to cause a denial of service (process crash) via a URI of a certain length that contains a sap-isc-key parameter, related to configuration of a web cache.
Ссылки
- PatchVendor Advisory
- http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-internet-communication-manager-dos/Vendor Advisory
- PatchVendor Advisory
- http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-internet-communication-manager-dos/Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:a:sap:internet_communication_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:sap:sap_web_application_server:6.10:*:*:*:*:*:*:*
cpe:2.3:a:sap:sap_web_application_server:6.20:*:*:*:*:*:*:*
cpe:2.3:a:sap:sap_web_application_server:6.40:*:*:*:*:*:*:*
cpe:2.3:a:sap:sap_web_application_server:7.0:*:*:*:*:*:*:*
cpe:2.3:a:sap:sap_web_application_server:7.0.10:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02239
Низкий
7.8 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Internet Communication Manager (aka ICMAN.exe or ICM) in SAP NetWeaver Application Server 6.x and 7.x, possibly only on Windows, allows remote attackers to cause a denial of service (process crash) via a URI of a certain length that contains a sap-isc-key parameter, related to configuration of a web cache.
EPSS
Процентиль: 84%
0.02239
Низкий
7.8 High
CVSS2
Дефекты
NVD-CWE-Other