Vulnerabilities > CVE-2023-40308 - Out-of-bounds Write vulnerability in SAP products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
sap
CWE-787

Summary

SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information.

Vulnerable Configurations

Part Description Count
Application
Sap
47

Common Weakness Enumeration (CWE)