CVE-2024-30218

Summary

The ABAP Application Server of SAP NetWeaver as well as ABAP Platform allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. This leads to a considerable impact on availability.

Affected Software

VendorProductVersion RangeStatus
SAP_SESAP NetWeaver AS ABAP and ABAP PlatformKRNL64NUC 7.22affected
SAP_SESAP NetWeaver AS ABAP and ABAP PlatformKRNL64NUC 7.22EXTaffected
SAP_SESAP NetWeaver AS ABAP and ABAP PlatformKRNL64UC 7.22affected
SAP_SESAP NetWeaver AS ABAP and ABAP PlatformKRNL64UC 7.22EXTaffected
SAP_SESAP NetWeaver AS ABAP and ABAP PlatformKRNL64UC 7.53affected
SAP_SESAP NetWeaver AS ABAP and ABAP PlatformKERNEL 7.22affected
SAP_SESAP NetWeaver AS ABAP and ABAP PlatformKERNEL 7.53affected
SAP_SESAP NetWeaver AS ABAP and ABAP PlatformKERNEL 7.77affected
SAP_SESAP NetWeaver AS ABAP and ABAP PlatformKERNEL 7.85affected
SAP_SESAP NetWeaver AS ABAP and ABAP PlatformKERNEL 7.89affected
SAP_SESAP NetWeaver AS ABAP and ABAP PlatformKERNEL 7.54affected
SAP_SESAP NetWeaver AS ABAP and ABAP PlatformKERNEL 7.93affected

Weaknesses

  • CWE-605: CWE-605: Multiple Binds to the Same Port

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References