Vulnerabilities > CVE-2023-32114 - Unspecified vulnerability in SAP Netweaver

CVSS 2.7 - LOW

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

LOW

network

low complexity

sap

NVD

Published: 2023-06-13

Updated: 2024-09-28

Summary

SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead to a limited impact on Availability with No impact on Confidentiality and Integrity of the application.

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP Netweaver 702 SAP Netweaver 731 SAP Netweaver 740 SAP Netweaver 750 SAP Netweaver 751 SAP Netweaver 752 SAP Netweaver 753 SAP Netweaver 754 SAP Netweaver 755 SAP Netweaver 756 SAP Netweaver 757	11

References

https://launchpad.support.sap.com/#/notes/3325642
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html