Denial of Service Vulnerability in SAP GUI by SAP
CVE-2016-10079

7.5HIGH

Key Information:

Vendor: SAP
Status: SAPlpd
Vendor: CVE Published:; 1 February 2017

Summary

The SAP GUI for Windows, specifically version 7.40, contains a vulnerability that can lead to a Denial of Service condition. This issue arises from the handling of long strings sent to TCP port 515, which can cause the service to crash. Attackers can exploit this vulnerability to disrupt the availability of the service, impacting users' operations. It is advisable for users to review their configurations and ensure that any necessary security patches are applied to mitigate this risk.

References

https://www.exploit-db.com/exploits/41030/

exploitx_refsource_EXPLOIT-DB

EPSS Score

26% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 1, 2017
Vulnerability Reserved
Dec 29, 2016