DoS Attacks on Repository Services Can Cause High Availability Impact

CVE-2024-34688

7.5HIGH

Key Information

Vendor: SAP
Status: SAP Netweaver As Java
Vendor: CVE Published:; 11 June 2024

Summary

Due to unrestricted access to the Meta Model Repository services in SAP NetWeaver AS Java, attackers can perform DoS attacks on the application, which may prevent legitimate users from accessing it. This can result in no impact on confidentiality and integrity but a high impact on the availability of the application.

Affected Version(s)

SAP NetWeaver AS Java = MMR_SERVER 7.5

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Jun 11, 2024
Vulnerability Reserved.
May 7, 2024

Collectors

NVD DatabaseMitre Database