Attacker Can Impede Performance, Causing Delays and Service Interruptions

CVE-2024-33001

6.5MEDIUM

Key Information

Vendor: SAP
Status: SAP Netweaver And Abap Platform
Vendor: CVE Published:; 11 June 2024

Summary

SAP NetWeaver and ABAP platform allows an attacker to impede performance for legitimate users by crashing or flooding the service. An impact of this Denial of Service vulnerability might be long response delays and service interruptions, thus degrading the service quality experienced by legitimate users causing high impact on availability of the application.

Affected Version(s)

SAP NetWeaver and ABAP platform = ST-PI 2008_1_700

SAP NetWeaver and ABAP platform = 2008_1_710

SAP NetWeaver and ABAP platform = 740

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Jun 11, 2024
Vulnerability Reserved.
Apr 23, 2024

Collectors

NVD DatabaseMitre Database