PT-2024-8861 · Sap · Sap Netweaver Application Server For Abap/Abap Platform

Published

2024-11-11

Updated

2024-11-12

CVE-2024-47586

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server for ABAP and ABAP Platform (affected versions not specified)

Description: The issue allows an unauthenticated attacker to send a maliciously crafted http request, which could cause a null pointer dereference in the kernel. This dereference will result in the system crashing and rebooting, causing the system to be temporarily unavailable. There is no impact on Confidentiality or Integrity. The vulnerability can be exploited by a remote attacker, allowing for a denial of service.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

BDU:2024-10527

CVE-2024-47586

Affected Products

Sap Netweaver Application Server For Abap/Abap Platform

PT-2024-8861 · Sap · Sap Netweaver Application Server For Abap/Abap Platform

CVE-2024-47586

Weakness Enumeration

Related Identifiers

Affected Products

References · 11