漏洞标题
N/A
漏洞描述信息
SAP NetWeaver ABAP服务器和ABAP平台(Enqueue服务器),版本 - KRNL32NUC - 7.22,7.22EXT,KRNL64NUC - 7.22,7.22EXT,7.49,KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73,Kernel - 7.22,8.04,7.49,7.53,7.73,允许没有系统特定知识的未验证攻击者在网络中发送一个特别 crafted 的包,这将导致系统内部错误,由于方法EncOAMParamStore()中的输入验证不正确,导致系统崩溃并使其不可用。在这种攻击中,系统内的数据都无法查看或修改。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
SAP NetWeaver ABAP Server and ABAP Platform (Enqueue Server), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73, allows an unauthenticated attacker without specific knowledge of the system to send a specially crafted packet over a network which will trigger an internal error in the system due to improper input validation in method EncOAMParamStore() causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.
CVSS信息
N/A
漏洞类别
跨界内存读
漏洞标题
SAP NetWeaver AS ABAP Business Server 缓冲区错误漏洞
漏洞描述信息
SAP NetWeaver AS ABAP Business Server是德国思爱普(SAP)公司的一款适用于ABAP(高级商务应用编程)的应用服务器。 SAP NetWeaver AS ABAP Business Server存在缓冲区错误漏洞,该漏洞源于NetWeaver ABAP Server和ABAP Platform存在内存损坏漏洞。攻击者利用该漏洞可以使用SAP产品的多个漏洞。
CVSS信息
N/A
漏洞类别
缓冲区错误