Home

CVE-2021-40495

Description

There are multiple Denial-of Service vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755. An unauthorized attacker can use the public SICF service /sap/public/bc/abap to reduce the performance of SAP NetWeaver Application Server ABAP and ABAP Platform.

Risk Information

Base Score
5.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS Score
Exploitation Probability
0.377

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP 740Windows
Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAPWindows
Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP 751Windows
Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP 752Windows
Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP 753Windows
Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP 754Windows
Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP 755Windows
Multiple Vulnerabilities are affected in SAP NetWeaver and ABAP platform (ST-PI) 740Windows
Multiple Vulnerabilities are affected in SAP NetWeaver and ABAP platform (ST-PI) 750Windows
Multiple Vulnerabilities are affected in SAP NetWeaver and ABAP platform (ST-PI) 751Windows
Multiple Vulnerabilities are affected in SAP NetWeaver and ABAP platform (ST-PI) 752Windows
Multiple Vulnerabilities are affected in SAP NetWeaver and ABAP platform (ST-PI) 753Windows
Multiple Vulnerabilities are affected in SAP NetWeaver and ABAP platform (ST-PI) 754Windows
Multiple Vulnerabilities are affected in SAP NetWeaver and ABAP platform (ST-PI) 755Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234