exploitDog

CVE-2017-9845

Опубликовано: 12 июл. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 7.8

EPSS Низкий

Описание

disp+work 7400.12.21.30308 in SAP NetWeaver 7.40 allows remote attackers to cause a denial of service (resource consumption) via a crafted DIAG request, aka SAP Security Note 2405918.

Ссылки

http://www.securityfocus.com/bid/96874
Third Party Advisory
VDB Entry
https://erpscan.io/advisories/erpscan-17-015-sap-netweaver-dispwork-anonymous-denial-service/
http://www.securityfocus.com/bid/96874
Third Party Advisory
VDB Entry
https://erpscan.io/advisories/erpscan-17-015-sap-netweaver-dispwork-anonymous-denial-service/

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.04189

Низкий

7.5 High

CVSS3

7.8 High

CVSS2

Дефекты

CWE-400

Связанные уязвимости

GHSA-55qf-6mr4-qmxv

CVSS3: 7.5

github

больше 3 лет назад

disp+work 7400.12.21.30308 in SAP NetWeaver 7.40 allows remote attackers to cause a denial of service (resource consumption) via a crafted DIAG request, aka SAP Security Note 2405918.

EPSS

Процентиль: 88%

0.04189

Низкий

7.5 High

CVSS3

7.8 High

CVSS2

Дефекты

CWE-400