Unrated severityNVD Advisory· Published Sep 12, 2023· Updated Sep 26, 2024

Memory Corruption vulnerability in SAP CommonCryptoLib

CVE-2023-40308

Description

SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information.

Affected products

SAP Se/Sap Extended Application Services And Runtime (xsa)v5
Range: SAP_EXTENDED_APP_SERVICES 1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

me.sap.com/notes/3327896mitre
www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000