We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-47586

NULL Pointer Dereference vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform



Description

SAP NetWeaver Application Server for ABAP and ABAP Platform allows an unauthenticated attacker to send a maliciously crafted http request which could cause a null pointer dereference in the kernel. This dereference will result in the system crashing and rebooting, causing the system to be temporarily unavailable. There is no impact on Confidentiality or Integrity.

Reserved 2024-09-27 | Published 2024-11-12 | Updated 2024-11-12 | Assigner sap


MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Problem types

CWE-476: NULL Pointer Dereference

Product status

Default status
unaffected

KRNL64NUC 7.22
affected

7.22EXT
affected

KRNL64UC 7.22
affected

7.53
affected

8.04
affected

KERNEL 7.22
affected

7.54
affected

7.77
affected

7.89
affected

7.93
affected

9.12
affected

9.13
affected

References

me.sap.com/notes/3504390

url.sap/sapsecuritypatchday

cve.org (CVE-2024-47586)

nvd.nist.gov (CVE-2024-47586)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-47586

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.