SAP NetWeaver ABAP Server 7.22 up to 8.04 Enqueue Server EnqConvUniToSrvReq denial of service

EntryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical was found in SAP NetWeaver ABAP Server 7.22 up to 8.04 (Solution Stack Software). This vulnerability affects the function EnqConvUniToSrvReq of the component Enqueue Server. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1132934206/11/2021VulD...cve_cnaSAP SEnvd.nist.gov06/11/2021accepted70
1132934106/11/2021VulD...cve_nvd_summarySAP NetWeaver ABAP Server and ABAP Platform (Enqueue Server), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73, allows an unauthenticated attacker without specific knowledge of the system to send a specially crafted packet over a network which will trigger an internal error in the system due to improper input validation in method EnqConvUniToSrvReq() causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.cve.mitre.org06/11/2021accepted70
1132934006/11/2021VulD...cve_assigned1614034800cve.mitre.org06/11/2021accepted70
1132371106/09/2021VulD...price_0day$5k-$25ksee documentation06/09/2021accepted90
1132371006/09/2021VulD...cvss3_meta_tempscore7.5see documentation06/09/2021accepted90
1132370906/09/2021VulD...cvss3_meta_basescore7.5see documentation06/09/2021accepted90
1132370806/09/2021VulD...cvss3_vuldb_tempscore7.506/09/2021accepted90
1132370706/09/2021VulD...cvss3_vuldb_basescore7.506/09/2021accepted90
1132370606/09/2021VulD...cvss2_vuldb_tempscore7.806/09/2021accepted90
1132370506/09/2021VulD...cvss2_vuldb_basescore7.806/09/2021accepted90
1132370406/09/2021VulD...cvss3_vuldb_rlXderived from historical data06/09/2021accepted80
1132370306/09/2021VulD...cvss3_vuldb_eXderived from historical data06/09/2021accepted80
1132370206/09/2021VulD...cvss2_vuldb_rlNDderived from historical data06/09/2021accepted80
1132370106/09/2021VulD...cvss2_vuldb_eNDderived from historical data06/09/2021accepted80
1132370006/09/2021VulD...cvss2_vuldb_rcCderived from vuldb v3 vector06/09/2021accepted80
1132369906/09/2021VulD...cvss2_vuldb_aiCderived from vuldb v3 vector06/09/2021accepted80
1132369806/09/2021VulD...cvss2_vuldb_iiNderived from vuldb v3 vector06/09/2021accepted80
1132369706/09/2021VulD...cvss2_vuldb_ciNderived from vuldb v3 vector06/09/2021accepted80
1132369606/09/2021VulD...cvss2_vuldb_auNderived from vuldb v3 vector06/09/2021accepted80
1132369506/09/2021VulD...cvss2_vuldb_acLderived from vuldb v3 vector06/09/2021accepted80

Do you want to use VulDB in your project?

Use the official API to access entries easily!