PT-2007-4870 · SAP · SAP NetWeaver Application Server ABAP
Mark Litchfield · Published 2007-07-06 · Updated 2018-10-15 · CVE-2007-3615
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
SAP NetWeaver Application Server versions 6.x through 7.x
Description
The issue allows remote attackers to cause a denial of service, resulting in a process crash. This is achieved by sending a URI of a certain length that contains a sap-isc-key parameter, which is related to the configuration of a web cache.
Recommendations
For SAP NetWeaver Application Server versions 6.x through 7.x, consider restricting access to the web cache configuration to minimize the risk of exploitation. As a temporary workaround, avoid using the sap-isc-key parameter in affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Affected Products
SAP NetWeaver Application Server ABAP