NotCVE - vendor:"Sap" product:"Web Dispatcher" version:"xs_advanced_runtime

2 results (0.002 seconds)

CVSS: 9.7EPSS: 0%CPEs: 20EXPL: 0

CVE-2023-35871 – Memory Corruption vulnerability in SAP Web Dispatcher

https://notcve.org/view.php?id=CVE-2023-35871

11 Jul 2023 — The SAP Web Dispatcher - versions WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.85, WEBDISP 7.89, WEBDISP 7.91, WEBDISP 7.92, WEBDISP 7.93, KERNEL 7.53, KERNEL 7.54 KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KRNL64UC 7.53, HDB 2.00, XS_ADVANCED_RUNTIME 1.00, SAP_EXTENDED_APP_SERVICES 1, has a vulnerability that can be exploited by an unauthenticated attacker to cause memory corruption through logical errors in memory management this may leads to information disclosur... • https://me.sap.com/notes/3340735 • CWE-787: Out-of-bounds Write •

CVSS: 9.7EPSS: 0%CPEs: 24EXPL: 0

CVE-2023-33987 – Request smuggling and request concatenation in SAP Web Dispatcher

https://notcve.org/view.php?id=CVE-2023-33987

11 Jul 2023 — An unauthenticated attacker in SAP Web Dispatcher - versions WEBDISP 7.49, WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.81, WEBDISP 7.85, WEBDISP 7.88, WEBDISP 7.89, WEBDISP 7.90, KERNEL 7.49, KERNEL 7.53, KERNEL 7.54 KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.88, KERNEL 7.89, KERNEL 7.90, KRNL64NUC 7.49, KRNL64UC 7.49, KRNL64UC 7.53, HDB 2.00, XS_ADVANCED_RUNTIME 1.00, SAP_EXTENDED_APP_SERVICES 1, can submit a malicious crafted request over a network to a front-end server which may, over severa... • https://me.sap.com/notes/3233899 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •