7.7
CVE-2026-27689
- EPSS 0.07%
- Published 10.03.2026 00:19:05
- Last modified 11.03.2026 13:53:47
- Source cna@sap.com
Due to an uncontrolled resource consumption (Denial of Service) vulnerability, an authenticated attacker with regular user privileges and network access can repeatedly invoke a remote-enabled function module with an excessively large loop-control parameter. This triggers prolonged loop execution that consumes excessive system resources, potentially rendering the system unavailable. Successful exploitation results in a denial-of-service condition that impacts availability, while confidentiality and integrity remain unaffected.
Linked by AI from unstructured data to existing NVD CPEs.
Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Vendor: SAP_SE
Product: SAP Supply Chain Management
Default status: unaffected

| Version | Status |
|---|---|
| SCMAPO 713 | affected |
| 714 | affected |
| S4CORE 102 | affected |
| 103 | affected |
| 104 | affected |
| S4COREOP 105 | affected |
| 106 | affected |
| 107 | affected |
| 108 | affected |
| 109 | affected |
| SCM 700 | affected |
| 701 | affected |
| 702 | affected |
| 712 | affected |

| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.219 |

| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| cna@sap.com | 7.7 | 3.1 | 4 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H |

CWE-606 Unchecked Input for Loop Condition
The product does not properly check inputs that are used for loop conditions, potentially leading to a denial of service or other consequences because of excessive looping.