SapVULNRICHMENT:CVE-2024-34688CVE-2024-34688 Denial of service (DOS) in SAP NetWeaver AS Java (Meta Model Repository)
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%
Due to unrestricted access to the Meta Model
Repository services in SAP NetWeaver AS Java, attackers can perform DoS attacks
on the application, which may prevent legitimate users from accessing it. This
can result in no impact on confidentiality and integrity but a high impact on
the availability of the application.
CNA Affected
[
{
"vendor": "SAP_SE",
"product": "SAP NetWeaver AS Java",
"versions": [
{
"status": "affected",
"version": "MMR_SERVER 7.5"
}
],
"defaultStatus": "unaffected"
}
]Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%