Описание
The SAP Message Server HTTP daemon in SAP KERNEL 7.21-7.49 allows remote attackers to cause a denial of service (memory consumption and process crash) via multiple msgserver/group?group= requests with a crafted size of the group parameter, aka SAP Security Note 2358972.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sap:sap_kernel:7.21:*:*:*:*:*:*:*
cpe:2.3:a:sap:sap_kernel:7.22:*:*:*:*:*:*:*
cpe:2.3:a:sap:sap_kernel:7.42:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00736
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-772
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
The SAP Message Server HTTP daemon in SAP KERNEL 7.21-7.49 allows remote attackers to cause a denial of service (memory consumption and process crash) via multiple msgserver/group?group= requests with a crafted size of the group parameter, aka SAP Security Note 2358972.
EPSS
Процентиль: 72%
0.00736
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-772