Описание
SAP NetWeaver AS for Java (Http Service Monitoring Filter), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send multiple HTTP requests with different method types thereby crashing the filter and making the HTTP server unavailable to other legitimate users leading to denial of service vulnerability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat build of Quarkus | SAP-NetWeaver | Not affected | ||
| Red Hat Fuse 7 | SAP-NetWeaver | Not affected | ||
| Red Hat Integration Camel K 1 | SAP-NetWeaver | Not affected | ||
| Red Hat Integration Camel Quarkus 1 | SAP-NetWeaver | Not affected | ||
| Red Hat Integration Data Virtualisation Operator | SAP-NetWeaver | Not affected | ||
| Red Hat JBoss Fuse 6 | SAP-NetWeaver | Not affected | ||
| Red Hat JBoss Fuse Service Works 6 | SAP-NetWeaver | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
SAP NetWeaver AS for Java (Http Service Monitoring Filter), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send multiple HTTP requests with different method types thereby crashing the filter and making the HTTP server unavailable to other legitimate users leading to denial of service vulnerability.
SAP NetWeaver AS for Java (Http Service Monitoring Filter), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send multiple HTTP requests with different method types thereby crashing the filter and making the HTTP server unavailable to other legitimate users leading to denial of service vulnerability.
EPSS
7.5 High
CVSS3