CVE-2023-40308
published 2023-09-12CVE-2023-40308: SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information.
Affected
62 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | commoncryptolib | — | — |
| sap | content_server | — | — |
| sap | content_server | — | — |
| sap | content_server | — | — |
| sap | extended_application_services_and_runtime | — | — |
| sap | hana_database | — | — |
| sap | host_agent | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_java | — | — |