Medium CVE-2021-40495: SAP Netweaver abap




Published: 2021-10-12
Description:

There are multiple Denial-of Service vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755. An unauthorized attacker can use the public SICF service /sap/public/bc/abap to reduce the performance of SAP NetWeaver Application Server ABAP and ABAP Platform.


Type:
NVD-CWE-noinfo


CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)



CVSS Base Score


Impact Subscore


Exploitability Subscore



5/10




2.9/10




10/10



Exploit range


Attack complexity


Authentication



Remote




Low




No required



Confidentiality impact


Integrity impact


Availability impact



None




None




Partial



 References:


https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983


https://launchpad.support.sap.com/#/notes/3099011







closedb();
?>

Copyright 2021, cxsecurity.com

Support the originator by clicking the read the rest link below.