Description
A malicious user can remotely exploit http service on dispatcher process on Web AS Java (J2EE), rendering it, and potentially the resources that are used to serve the dispatcher process, unavailable.
Available fix and Supported packages
- SAP-JEE | 6.40 | 6.40
- SAP-JEECOR | 7.00 | 7.00
- SAP-JEECOR | 6.40 | 6.40
- SAP-JEECOR | 7.01 | 7.02
- SAP J2EE ENGINE 6.40 | SP024 | 000010
- SAP J2EE ENGINE 6.40 | SP025 | 000015
- SAP J2EE ENGINE 6.40 | SP026 | 000013
- SAP J2EE ENGINE 6.40 | SP027 | 000007
- SAP J2EE ENGINE 6.40 | SP028 | 000000
- SAP J2EE ENGINE CORE 6.40 | SP028 | 000000
- SAP J2EE ENGINE CORE 7.00 | SP020 | 000022
- SAP J2EE ENGINE CORE 7.00 | SP021 | 000018
- SAP J2EE ENGINE CORE 7.00 | SP022 | 000008
- SAP J2EE ENGINE CORE 7.00 | SP023 | 000005
- SAP J2EE ENGINE CORE 7.00 | SP024 | 000001
- SAP J2EE ENGINE CORE 7.00 | SP025 | 000000
- SAP J2EE ENGINE CORE 7.01 | SP005 | 000023
- SAP J2EE ENGINE CORE 7.01 | SP006 | 000024
- SAP J2EE ENGINE CORE 7.01 | SP007 | 000013
- SAP J2EE ENGINE CORE 7.01 | SP008 | 000004
- SAP J2EE ENGINE CORE 7.01 | SP009 | 000001
- SAP J2EE ENGINE CORE 7.01 | SP010 | 000000
- SAP J2EE ENGINE CORE 7.02 | SP003 | 000017
- SAP J2EE ENGINE CORE 7.02 | SP004 | 000010
Affected component
- BC-JAS-WEB
Web Container, HTTP, JavaMail, Servlets
CVSS
Score: 0
Exploit
Exploit is not available.
For detailed information please contact the mail [email protected]
URL
https://launchpad.support.sap.com/#/notes/1562064