6.5
CVE-2023-29185
- EPSS 0.48%
- Veröffentlicht 11.04.2023 04:16:08
- Zuletzt bearbeitet 21.11.2024 07:56:40
- Quelle cna@sap.com
- CVE-Watchlists
- Unerledigt
LoginDenial of Service (DOS) in SAP NetWeaver AS for ABAP (Business Server Pages)
SAP NetWeaver AS for ABAP (Business Server Pages) - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an attacker authenticated as a non-administrative user to craft a request with certain parameters in certain circumstances which can consume the server's resources sufficiently to make it unavailable over the network without any user interaction.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SAP ≫ Netweaver As Abap Business Server Pages Version700
SAP ≫ Netweaver As Abap Business Server Pages Version701
SAP ≫ Netweaver As Abap Business Server Pages Version702
SAP ≫ Netweaver As Abap Business Server Pages Version731
SAP ≫ Netweaver As Abap Business Server Pages Version740
SAP ≫ Netweaver As Abap Business Server Pages Version750
SAP ≫ Netweaver As Abap Business Server Pages Version751
SAP ≫ Netweaver As Abap Business Server Pages Version752
SAP ≫ Netweaver As Abap Business Server Pages Version753
SAP ≫ Netweaver As Abap Business Server Pages Version754
SAP ≫ Netweaver As Abap Business Server Pages Version755
SAP ≫ Netweaver As Abap Business Server Pages Version756
SAP ≫ Netweaver As Abap Business Server Pages Version757
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.48% | 0.649 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| cna@sap.com | 5.3 | 1.6 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-400 Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.