CVE-2024-33008

Memory Corruption vulnerability in SAP Replication Server

  • Severity Score: 4.9 (CVSS v3.1)
  • Exploit Likelihood (EPSS):
  • Affected Versions (CPE):
  • Public Exploits: 0 (Multiple Sources)
  • Exploited in Wild: - (KEV)
  • Decision: Track (SSVC)

Descriptions

SAP Replication Server allows an attacker to use the gateway to execute some commands against RSSD. This could crash the Replication Server due to memory corruption, with high impact on the availability of the system.

*Credits: N/A
CVSS Scores
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: High
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: None
  • Integrity: None
  • Availability: High
* Common Vulnerability Scoring System
SSVC
  • Decision: Track
  • Exploitation: None
  • Automatable: No
  • Tech. Impact: Partial
* Organization's Worst-case Scenario
Timeline
  • 2024-04-23 CVE Reserved
  • 2024-05-14 CVE Published
  • 2024-05-14 EPSS Updated
  • 2024-09-26 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-787: Out-of-bounds Write
CAPEC
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
SAP SE | SAP Replication Server | 16.0 | en | Affected
SAP SE | SAP Replication Server | 16.0.3 | en | Affected
SAP SE | SAP Replication Server | 16.0.4 | en | Affected