Exploitation Summary
CVE-2017-9844 has been observed exploited in the wild (reported by VulnCheck KEV).
Description
SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object in a request to metadatauploader, aka SAP Security Note 2399804. NOTE: The vendor states that the devserver package of Visual Composer deserializes a malicious object that may cause legitimate users accessing a service, either by crashing or flooding the service.
References (3)
Core References
Permissions Required
https://me.sap.com/notes/2399804
Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/96865
Scores
CVSS v3: 7.5
EPSS: 0.0174
EPSS Percentile: 82.7%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
VulnCheck KEV: 2025-04-22
CWE: CWE-502
Status: published
Products (1)
sap/netweaver
7400.12.21.30308
Published: Jul 12, 2017
Tracked Since: Feb 18, 2026