Vulnerabilities > CVE-2023-28763 - Unspecified vulnerability in SAP Netweaver Application Server Abap

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

sap

NVD

Published: 2023-04-11

Updated: 2023-04-14

Summary

SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker authenticated as a non-administrative user to craft a request with certain parameters which can consume the server's resources sufficiently to make it unavailable over the network without any user interaction.

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP Netweaver Application Server Abap 750 SAP Netweaver Application Server Abap 752 SAP Netweaver Application Server Abap 753 SAP Netweaver Application Server Abap 754 SAP Netweaver Application Server Abap 755 SAP Netweaver Application Server Abap 756 SAP Netweaver Application Server Abap 740 SAP Netweaver Application Server Abap 751 SAP Netweaver Application Server Abap 757 SAP Netweaver Application Server Abap 791	10

Summary

Vulnerable Configurations

References