SAP NetWeaver AS for ABAP up to 8.04 RFC Gateway ThCPIC denial of service

EntryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as critical, has been found in SAP NetWeaver AS for ABAP up to 8.04 (Solution Stack Software). This issue affects the function ThCPIC of the component RFC Gateway. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1132934506/11/2021VulD...cve_cnaSAP SEnvd.nist.gov06/11/2021accepted
70
1132934406/11/2021VulD...cve_nvd_summarySAP NetWeaver AS for ABAP (RFC Gateway), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83, allows an unauthenticated attacker without specific knowledge of the system to send a specially crafted packet over a network which will trigger an internal error in the system due to improper input validation in method ThCPIC() causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.cve.mitre.org06/11/2021accepted
70
1132934306/11/2021VulD...cve_assigned1614034800cve.mitre.org06/11/2021accepted
70
1132374906/09/2021VulD...price_0day$5k-$25ksee exploit price documentation06/09/2021accepted
90
1132374806/09/2021VulD...cvss3_meta_tempscore7.5see CVSS documentation06/09/2021accepted
90
1132374706/09/2021VulD...cvss3_meta_basescore7.5see CVSS documentation06/09/2021accepted
90
1132374606/09/2021VulD...cvss3_vuldb_tempscore7.5see CVSS documentation06/09/2021accepted
90
1132374506/09/2021VulD...cvss3_vuldb_basescore7.5see CVSS documentation06/09/2021accepted
90
1132374406/09/2021VulD...cvss2_vuldb_tempscore7.8see CVSS documentation06/09/2021accepted
90
1132374306/09/2021VulD...cvss2_vuldb_basescore7.8see CVSS documentation06/09/2021accepted
90
1132374206/09/2021VulD...cvss3_vuldb_rlXderived from historical data06/09/2021accepted
80
1132374106/09/2021VulD...cvss3_vuldb_eXderived from historical data06/09/2021accepted
80
1132374006/09/2021VulD...cvss2_vuldb_rlNDderived from historical data06/09/2021accepted
80
1132373906/09/2021VulD...cvss2_vuldb_eNDderived from historical data06/09/2021accepted
80
1132373806/09/2021VulD...cvss2_vuldb_rcCderived from vuldb v3 vector06/09/2021accepted
80
1132373706/09/2021VulD...cvss2_vuldb_aiCderived from vuldb v3 vector06/09/2021accepted
80
1132373606/09/2021VulD...cvss2_vuldb_iiNderived from vuldb v3 vector06/09/2021accepted
80
1132373506/09/2021VulD...cvss2_vuldb_ciNderived from vuldb v3 vector06/09/2021accepted
80
1132373406/09/2021VulD...cvss2_vuldb_auNderived from vuldb v3 vector06/09/2021accepted
80
1132373306/09/2021VulD...cvss2_vuldb_acLderived from vuldb v3 vector06/09/2021accepted
80

Do you need the next level of professionalism?

Upgrade your account now!