Denial of Service Vulnerability in SAP Message Server by SAP SE
CVE-2017-5997
7.5HIGH
What is CVE-2017-5997?
The vulnerability in the SAP Message Server HTTP daemon within the SAP KERNEL versions 7.21 through 7.49 allows an attacker to exploit crafted requests targeting the 'group' parameter. By sending multiple requests with specific sizes of the 'group' parameter, an attacker can trigger excessive memory consumption, ultimately leading to a denial of service condition where the server processes may crash. This can disrupt service availability and impact the organization’s operations.