Design/Logic Flaw

2016-04-1414:59:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

64.9%

JSON

The Enqueue Server in SAP NetWeaver JAVA AS 7.1 through 7.4 allows remote attackers to cause a denial of service (process crash) via a crafted request, aka SAP Security Note 2258784.

CPENameOperatorVersion
netweavereq7.1
netweavereq7.2
netweavereq7.3
netweavereq7.4

Name	Operator	Version
netweaver	eq	7.1
netweaver	eq	7.2
netweaver	eq	7.3
netweaver	eq	7.4

References

erpscan.io/advisories/erpscan-16-019-sap-netweaver-enqueue-server-dos-vulnerability/

erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/