CVE-2024-47586

NULL Pointer Dereference vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform

CVSS 5.3 MEDIUMEPSS 3.6%CWE-476

SAP NetWeaver Application Server for ABAP and ABAP Platform allows an unauthenticated attacker to send a maliciously crafted http request which could cause a null pointer dereference in the kernel. This dereference will result in the system crashing and rebooting, causing the system to be temporarily unavailable. There is no impact on Confidentiality or Integrity.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected products

SAP_SE · SAP NetWeaver Application Server for ABAP and ABAP Platform

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://me.sap.com/notes/3504390 https://url.sap/sapsecuritypatchday