Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-25618

SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, has multiple vulnerabilities in an unused class for error handling in which an attacker authenticated as a non-administrative user can craft a request with certain parameters which will consume the server's resources sufficiently to make it unavailable. There is no ability to view or modify any information.

Published

2023-03-14T05:15:29.967

Last Modified

2024-11-21T07:49:50.493

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses
  • Type: Primary
    CWE-400
  • Type: Secondary
    NVD-CWE-noinfo
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application sap netweaver_application_server_abap 700 Yes
Application sap netweaver_application_server_abap 701 Yes
Application sap netweaver_application_server_abap 702 Yes
Application sap netweaver_application_server_abap 731 Yes
Application sap netweaver_application_server_abap 740 Yes
Application sap netweaver_application_server_abap 750 Yes
Application sap netweaver_application_server_abap 751 Yes
Application sap netweaver_application_server_abap 752 Yes
Application sap netweaver_application_server_abap 753 Yes
Application sap netweaver_application_server_abap 754 Yes
Application sap netweaver_application_server_abap 755 Yes
Application sap netweaver_application_server_abap 756 Yes
Application sap netweaver_application_server_abap 757 Yes
Application sap netweaver_application_server_abap 791 Yes
References