CVE-2007-3615

3 documents3 sources

Severity

7.8HIGH

EPSS

2.2%

top 15.47%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SAP SAP WEB Application Server

Timeline

PublishedJul 6

Latest updateMay 1

Description

Internet Communication Manager (aka ICMAN.exe or ICM) in SAP NetWeaver Application Server 6.x and 7.x, possibly only on Windows, allows remote attackers to cause a denial of service (process crash) via a URI of a certain length that contains a sap-isc-key parameter, related to configuration of a web cache.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

▶NVDsap/sap_web_application_server5 versions+4

Patches

Patch: secunia.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-444g-7h8r-45m8: Internet Communication Manager (aka ICMAN↗2022-05-01

▶

CVEList

CVE-2007-3615: Internet Communication Manager (aka ICMAN↗2007-07-06

▶