6.5
CVE-2024-30218
- EPSS 0.17%
- Veröffentlicht 09.04.2024 01:15:50
- Zuletzt bearbeitet 21.11.2024 09:11:28
- Quelle cna@sap.com
- Teams Watchlist Login
- Unerledigt Login
The ABAP Application Server of SAP NetWeaver as well as ABAP Platform allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. This leads to a considerable impact on availability.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerSAP_SE
≫
Produkt
SAP NetWeaver AS ABAP and ABAP Platform
Default Statusunaffected
Version
KRNL64NUC 7.22
Status
affected
Version
KRNL64NUC 7.22EXT
Status
affected
Version
KRNL64UC 7.22
Status
affected
Version
KRNL64UC 7.22EXT
Status
affected
Version
KRNL64UC 7.53
Status
affected
Version
KERNEL 7.22
Status
affected
Version
KERNEL 7.53
Status
affected
Version
KERNEL 7.77
Status
affected
Version
KERNEL 7.85
Status
affected
Version
KERNEL 7.89
Status
affected
Version
KERNEL 7.54
Status
affected
Version
KERNEL 7.93
Status
affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.384 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| cna@sap.com | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-605 Multiple Binds to the Same Port
When multiple sockets are allowed to bind to the same port, other services on that port may be stolen or spoofed.