VYPR
High severity7.5NVD Advisory· Published Feb 15, 2017· Updated Jun 17, 2026

CVE-2017-5997

CVE-2017-5997

Description

The SAP Message Server HTTP daemon in SAP KERNEL 7.21-7.49 allows remote attackers to cause a denial of service (memory consumption and process crash) via multiple msgserver/group?group= requests with a crafted size of the group parameter, aka SAP Security Note 2358972.

Affected products

4
  • SAP/Kernel4 versions
    cpe:2.3:a:sap:sap_kernel:7.21:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:sap:sap_kernel:7.21:*:*:*:*:*:*:*
    • cpe:2.3:a:sap:sap_kernel:7.22:*:*:*:*:*:*:*
    • cpe:2.3:a:sap:sap_kernel:7.42:*:*:*:*:*:*:*
    • (no CPE)range: 7.21-7.49

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.