Vulnerabilities > SAP > WEB Dispatcher > High

DATE CVE VULNERABILITY TITLE RISK
2023-09-12 CVE-2023-40308 Out-of-bounds Write vulnerability in SAP products
SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable.
network
low complexity
sap CWE-787
7.5
7.5
2022-04-12 CVE-2022-28772 Out-of-bounds Write vulnerability in SAP Netweaver and web Dispatcher
By overlong input values an attacker may force overwrite of the internal program stack in SAP Web Dispatcher - versions 7.53, 7.77, 7.81, 7.85, 7.86, or Internet Communication Manager - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, which makes these programs unavailable, leading to denial of service.
network
low complexity
sap CWE-787
7.5
7.5
2022-04-12 CVE-2022-28773 Uncontrolled Recursion vulnerability in SAP Netweaver and web Dispatcher
Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the application may crash, leading to denial of service, but can be restarted automatically.
network
low complexity
sap CWE-674
7.5
7.5