CVE-2024-30218
Denial of service (DOS) vulnerability in SAP NetWeaver AS ABAP and ABAP Platform
Severity Score
6.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
The ABAP Application Server of SAP NetWeaver as well as ABAP Platform allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. This leads to a considerable impact on availability.
El servidor de aplicaciones ABAP de SAP NetWeaver, así como la plataforma ABAP, permiten a un atacante impedir que usuarios legítimos accedan a un servicio, ya sea bloqueando o inundando el servicio. Esto tiene un impacto considerable en la disponibilidad.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2024-03-26 CVE Reserved
- 2024-04-09 CVE Published
- 2024-04-09 EPSS Updated
- 2024-09-28 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-400: Uncontrolled Resource Consumption
- CWE-605: Multiple Binds to the Same Port
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://me.sap.com/notes/3359778 | ||
| https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| SAP SE Search vendor "SAP SE" | SAP NetWeaver AS ABAP And ABAP Platform Search vendor "SAP SE" for product "SAP NetWeaver AS ABAP And ABAP Platform" | 7.22 Search vendor "SAP SE" for product "SAP NetWeaver AS ABAP And ABAP Platform" and version "7.22" | en |
Affected
| ||||||
| SAP SE Search vendor "SAP SE" | SAP NetWeaver AS ABAP And ABAP Platform Search vendor "SAP SE" for product "SAP NetWeaver AS ABAP And ABAP Platform" | 7.53 Search vendor "SAP SE" for product "SAP NetWeaver AS ABAP And ABAP Platform" and version "7.53" | en |
Affected
| ||||||
| SAP SE Search vendor "SAP SE" | SAP NetWeaver AS ABAP And ABAP Platform Search vendor "SAP SE" for product "SAP NetWeaver AS ABAP And ABAP Platform" | 7.77 Search vendor "SAP SE" for product "SAP NetWeaver AS ABAP And ABAP Platform" and version "7.77" | en |
Affected
| ||||||
| SAP SE Search vendor "SAP SE" | SAP NetWeaver AS ABAP And ABAP Platform Search vendor "SAP SE" for product "SAP NetWeaver AS ABAP And ABAP Platform" | 7.85 Search vendor "SAP SE" for product "SAP NetWeaver AS ABAP And ABAP Platform" and version "7.85" | en |
Affected
| ||||||
| SAP SE Search vendor "SAP SE" | SAP NetWeaver AS ABAP And ABAP Platform Search vendor "SAP SE" for product "SAP NetWeaver AS ABAP And ABAP Platform" | 7.89 Search vendor "SAP SE" for product "SAP NetWeaver AS ABAP And ABAP Platform" and version "7.89" | en |
Affected
| ||||||
| SAP SE Search vendor "SAP SE" | SAP NetWeaver AS ABAP And ABAP Platform Search vendor "SAP SE" for product "SAP NetWeaver AS ABAP And ABAP Platform" | 7.54 Search vendor "SAP SE" for product "SAP NetWeaver AS ABAP And ABAP Platform" and version "7.54" | en |
Affected
| ||||||
| SAP SE Search vendor "SAP SE" | SAP NetWeaver AS ABAP And ABAP Platform Search vendor "SAP SE" for product "SAP NetWeaver AS ABAP And ABAP Platform" | 7.93 Search vendor "SAP SE" for product "SAP NetWeaver AS ABAP And ABAP Platform" and version "7.93" | en |
Affected
| ||||||