Memory Corruption vulnerability in SAP Web Dispatcher
CVE-2023-35871

7.7HIGH

Key Information:

Vendor: SAP
Status: SAP Web Dispatcher
Vendor: CVE Published:; 11 July 2023

Summary

An identified vulnerability in SAP Web Dispatcher and related products allows unauthenticated attackers to exploit logical errors in memory management, potentially leading to memory corruption. This can result in an adverse effect on system integrity and availability, posing risks to data and operational stability. Users are advised to implement security updates as detailed in the vendor's announcement.

Affected Version(s)

SAP Web Dispatcher WEBDISP 7.53

SAP Web Dispatcher WEBDISP 7.54

SAP Web Dispatcher WEBDISP 7.77

References

https://me.sap.com/notes/3340735

https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-...

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 11, 2023
Vulnerability Reserved
Jun 19, 2023