CVE-2023-27498

Published Mar 14, 2023

Last updated 2 years ago

Overview

Description
SAP Host Agent (SAPOSCOL) - version 7.22, allows an unauthenticated attacker with network access to a server port assigned to the SAP Start Service to submit a crafted request which results in a memory corruption error. This error can be used to reveal but not modify any technical information about the server. It can also make a particular service temporarily unavailable
Source
cna@sap.com
NVD status
Modified

Social media

Hype score
Not currently trending

Risk scores

CVSS 3.1

Type
Primary
Base score
7.2
Impact score
2.7
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L
Severity
HIGH

Weaknesses

cna@sap.com
CWE-121

Configurations