Описание
SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the attacker to send several payloads and leading to complete denial of service.
Ссылки
- Permissions Required
- Vendor Advisory
- Permissions Required
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
7.5 High
CVSS3
7.5 High
CVSS3
7.8 High
CVSS2
Дефекты
Связанные уязвимости
SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the attacker to send several payloads and leading to complete denial of service.
Уязвимость компонента ENGINEAPI сервера веб-приложений SAP NetWeaver Java Application Server позволяющая нарушителю вызвать отказ в обслуживании
EPSS
7.5 High
CVSS3
7.5 High
CVSS3
7.8 High
CVSS2