CVE-2017-9844

HIGH EXPLOITED

SAP NetWeaver 7400.12.21.30308 - RCE/DoS

Description

SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object in a request to metadatauploader, aka SAP Security Note 2399804. NOTE: The vendor states that the devserver package of Visual Composer deserializes a malicious object that may cause legitimate users accessing a service, either by crashing or flooding the service.

Scores

CVSS v3 7.5
EPSS 0.0186
EPSS Percentile 82.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitation Intel

VulnCheck KEV 2025-04-22

Classification

CWE
CWE-502
Status published

Affected Products (1)

sap/netweaver

Timeline

Published Jul 12, 2017
Tracked Since Feb 18, 2026