CVE-2024-33008

Memory Corruption vulnerability in SAP Replication Server

CVSS 4.9 MEDIUMEPSS 0.5%CWE-787

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 4.9EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

14 May 2024Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

SAP Replication Server allows an attacker to use gateway for executing some commands to RSSD. This could result in crashing the Replication Server due to memory corruption with high impact on Availability of the system.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Affected products

SAP_SE · SAP Replication Server

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://me.sap.com/notes/3349468 https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html