CVE-2023-25618 Information

Description

SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700 701 702 731 740 750 751 752 753 754 755 756 757 791 has multiple vulnerabilities in an unused class for error handling in which an attacker authenticated as a non-administrative user can craft a request with certain parameters which will consume the server’s resources sufficiently to make it unavailable. There is no ability to view or modify any information.

Reference

https://launchpad.support.sap.com/#/notes/3296346 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html