CVE-2016-4015
HIGHSAP NetWeaver JAVA AS 7.1-7.4 - Denial of Service via Crafted Request
Title source: llmDescription
The Enqueue Server in SAP NetWeaver JAVA AS 7.1 through 7.4 allows remote attackers to cause a denial of service (process crash) via a crafted request, aka SAP Security Note 2258784.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_misc
https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/
Third Party Advisory x_refsource_misc
https://erpscan.io/advisories/erpscan-16-019-sap-netweaver-enqueue-server-dos-vulnerability/
Scores
CVSS v3
7.5
EPSS
0.0304
EPSS Percentile
86.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
Status
published
Products (4)
sap/netweaver
7.1
sap/netweaver
7.2
sap/netweaver
7.3
sap/netweaver
7.4
Published
Apr 14, 2016
Tracked Since
Feb 18, 2026