CVE-2024-33001

Опубликовано: 11 июн. 2024

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

SAP NetWeaver and ABAP platform allows an attacker to impede performance for legitimate users by crashing or flooding the service.

An impact of this Denial of Service vulnerability might be long response delays and service interruptions, thus degrading the service quality experienced by legitimate users causing high impact on availability of the application.

Ссылки

https://me.sap.com/notes/3453170
Permissions Required
https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html
Patch
Vendor Advisory
https://me.sap.com/notes/3453170
Permissions Required
https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sap:netweaver_application_server_abap:740:*:*:*:*:*:*:*

cpe:2.3:a:sap:netweaver_application_server_abap:2008_1_710:*:*:*:*:*:*:*

cpe:2.3:a:sap:netweaver_application_server_abap:st-pi_2008_1_700:*:*:*:*:*:*:*

EPSS

Процентиль: 61%

0.00418

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-400

NVD-CWE-noinfo

Связанные уязвимости

GHSA-f4xj-jr64-mrrf

CVSS3: 6.5

github

больше 1 года назад

SAP NetWeaver and ABAP platform allows an attacker to impede performance for legitimate users by crashing or flooding the service. An impact of this Denial of Service vulnerability might be long response delays and service interruptions, thus degrading the service quality experienced by legitimate users causing high impact on availability of the application.

BDU:2024-05101

CVSS3: 6.5

fstec

почти 2 года назад

Уязвимость программных интеграционных платформ SAP NetWeaver AS ABAP и SAP NetWeaver ABAP, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 61%

0.00418

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-400

NVD-CWE-noinfo