Description
SAP CommonCryptoLib version 8.5.38 or lower is vulnerable to a null pointer dereference when an unauthenticated attacker sends crafted malicious data in HTTP requests over the network. This causes the SAP application to crash and has a high impact on the availability of the SAP system.
References
- Third Party Advisory, VDB Entry
- Mailing List, Mitigation, Third Party Advisory
- Permissions Required
- Vendor Advisory
Vulnerable configurations
Configuration 1: versions up to and including 8.5.38
cpe:2.3:a:sap:commoncryptolib:*:*:*:*:*:*:*:*
EPSS
Percentile: 86%
0.03078
Low
7.5 High
CVSS3
5 Medium
CVSS2
Weaknesses
CWE-476
Related vulnerabilities
github
more than 3 years ago
SAP CommonCryptoLib version 8.5.38 or lower is vulnerable to a null pointer dereference when an unauthenticated attacker sends crafted malicious data in HTTP requests over the network. This causes the SAP application to crash and has a high impact on the availability of the SAP system.