CVE-2024-33001

Denial of service (DOS) in SAP NetWeaver and ABAP platform

CVSS 6.5 MEDIUMEPSS 0.4%CWE-400

Vexday Risk Score

13Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 6.5EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

11 jun 2024Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

SAP NetWeaver and ABAP platform allows an attacker to impede performance for legitimate users by crashing or flooding the service. An impact of this Denial of Service vulnerability might be long response delays and service interruptions, thus degrading the service quality experienced by legitimate users causing high impact on availability of the application.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Produtos afetados

SAP_SE · SAP NetWeaver and ABAP platform

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://me.sap.com/notes/3453170 https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html