CVE-2024-33008
Memory Corruption vulnerability in SAP Replication Server
Severity Score
4.9
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
SAP Replication Server allows an attacker to use gateway for executing some commands to RSSD. This could result in crashing the Replication Server due to memory corruption with high impact on Availability of the system.
SAP Replication Server permite a un atacante utilizar una puerta de enlace para ejecutar algunos comandos a RSSD. Esto podría provocar que el servidor de replicación colapse debido a daños en la memoria con un alto impacto en la disponibilidad del sistema.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2024-04-23 CVE Reserved
- 2024-05-14 CVE Published
- 2024-05-14 EPSS Updated
- 2024-09-26 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://me.sap.com/notes/3349468 | ||
| https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| SAP SE Search vendor "SAP SE" | SAP Replication Server Search vendor "SAP SE" for product "SAP Replication Server" | 16.0 Search vendor "SAP SE" for product "SAP Replication Server" and version "16.0" | en |
Affected
| ||||||
| SAP SE Search vendor "SAP SE" | SAP Replication Server Search vendor "SAP SE" for product "SAP Replication Server" | 16.0.3 Search vendor "SAP SE" for product "SAP Replication Server" and version "16.0.3" | en |
Affected
| ||||||
| SAP SE Search vendor "SAP SE" | SAP Replication Server Search vendor "SAP SE" for product "SAP Replication Server" | 16.0.4 Search vendor "SAP SE" for product "SAP Replication Server" and version "16.0.4" | en |
Affected
| ||||||