Vulnerabilities > CVE-2017-9843 - Unspecified vulnerability in SAP Netweaver Abap 7.40

CVSS 2.7 - LOW

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

LOW

network

low complexity

sap

NVD

Published: 2017-07-12

Updated: 2023-01-27

Summary

SAP NetWeaver AS ABAP 7.40 allows remote authenticated users with certain privileges to cause a denial of service (process crash) via vectors involving disp+work.exe, aka SAP Security Note 2406841.

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP Netweaver Abap 7.40	1

References

http://www.securityfocus.com/bid/96900
https://erpscan.io/advisories/erpscan-17-010-sap-netweaver-abap-dispwork-crash-using-cl_java_script/