Description
Web Dynpro ABAP allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.
Some well-known impacts of Denial of Service vulnerability are –
- Long response delays and service interruptions, thus degrading the service quality experienced by legitimate users
- Direct impact on availability
Available fix and Supported packages
- SAP_UI | 750 | 750
- SAP_UI | 752 | 752
- SAP_UI | 753 | 753
- SAP_UI | 754 | 754
- SAP_BASIS | 700 | 702
- SAP_BASIS | 710 | 711
- SAP_BASIS | 730 | 730
- SAP_BASIS | 731 | 731
- SAP_BASIS | 804 | 804
- SAP_UI 752 | SAPK-75209INSAPUI |
- SAP_UI 753 | SAPK-75306INSAPUI |
- SAP_UI 754 | SAPK-75403INSAPUI |
- SAP_UI 750 | SAPK-75018INSAPUI |
- SAP_BASIS 710 | SAPKB71025 |
- SAP_BASIS 711 | SAPKB71120 |
- SAP_BASIS 700 | SAPKB70038 |
- SAP_BASIS 701 | SAPKB70123 |
- SAP_BASIS 702 | SAPKB70223 |
- SAP_BASIS 730 | SAPKB73021 |
- SAP_BASIS 731 | SAPKB73127 |
- SAP_BASIS 804 | SAPK-804H5INSAPBASIS |
Affected component
- BC-WD-ABA
Web Dynpro ABAP
CVSS
Score: 5.3
CVSS:/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/2856923
