Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Denial of service (DOS) in SAP NetWeaver AS Java (Meta Model Repository)
Vulnerability Description
Due to unrestricted access to the Meta Model Repository services in SAP NetWeaver AS Java, attackers can perform DoS attacks on the application, which may prevent legitimate users from accessing it. This can result in no impact on confidentiality and integrity but a high impact on the availability of the application.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
SAP NetWeaver和SAP NetWeaver AS 资源管理错误漏洞
Vulnerability Description
SAP NetWeaver和SAP NetWeaver AS都是德国思爱普(SAP)公司的产品。SAP NetWeaver是一套面向服务的集成化应用平台。该平台主要为SAP应用程序提供开发和运行环境。SAP NetWeaver AS是一款SAP网络应用服务器。它不仅能提供网络服务,且还是SAP软件的基本平台。 SAP NetWeaver AS Java MMR_SERVER 7.5版本存在资源管理错误漏洞,该漏洞源于对元模型仓库服务的无限制访问,攻击者可以对应用程序执行拒绝服务攻击,阻止合法用户访问应用程
CVSS Information
N/A
Vulnerability Type
N/A