Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2026-23689

Опубликовано: 10 фев. 2026
Источник: nvd
CVSS3: 7.7
EPSS Низкий

Описание

Due to an uncontrolled resource consumption (Denial of Service) vulnerability, an authenticated attacker with regular user privileges and network access can repeatedly invoke a remote-enabled function module with an excessively large loop-control parameter. This triggers prolonged loop execution that consumes excessive system resources, potentially rendering the system unavailable. Successful exploitation results in a denial-of-service condition that impacts availability, while confidentiality and integrity remain unaffected.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sap:advanced_planning_and_optimization:713:*:*:*:*:*:*:*
cpe:2.3:a:sap:advanced_planning_and_optimization:714:*:*:*:*:*:*:*
cpe:2.3:a:sap:supply_chain_management:700:*:*:*:*:*:*:*
cpe:2.3:a:sap:supply_chain_management:701:*:*:*:*:*:*:*
cpe:2.3:a:sap:supply_chain_management:702:*:*:*:*:*:*:*
cpe:2.3:a:sap:supply_chain_management:712:*:*:*:*:*:*:*

EPSS

Процентиль: 27%
0.00354
Низкий

7.7 High

CVSS3

Дефекты

CWE-606
CWE-770

Связанные уязвимости

github логотип

GHSA-g3pc-2885-cj35

CVSS3: 7.7
github
5 месяцев назад

Due to an uncontrolled resource consumption (Denial of Service) vulnerability, an authenticated attacker with regular user privileges and network access can repeatedly invoke a remote-enabled function module with an excessively large loop-control parameter. This triggers prolonged loop execution that consumes excessive system resources, potentially rendering the system unavailable. Successful exploitation results in a denial-of-service condition that impacts availability, while confidentiality and integrity remain unaffected.

EPSS

Процентиль: 27%
0.00354
Низкий

7.7 High

CVSS3

Дефекты

CWE-606
CWE-770