Unrated severityNVD Advisory· Published Apr 1, 2015· Updated May 6, 2026

CVE-2015-2815

Description

Buffer overflow in the C_SAPGPARAM function in the NetWeaver Dispatcher in SAP KERNEL 7.00 (7000.52.12.34966) and 7.40 (7400.12.21.30308) allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspecified vectors, aka SAP Security Note 2063369.

Affected products

SAP/Netweaver2 versions
cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/132353/SAP-NetWeaver-Dispatcher-Buffer-Overflow.htmlnvd
seclists.org/fulldisclosure/2015/Jun/61nvd
www.securityfocus.com/archive/1/535825/100/800/threadednvd
www.securityfocus.com/bid/73897nvd
erpscan.io/advisories/erpscan-15-003-sapkernel-c_sapgparam-rce-dos/nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000