Description
SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead to a limited impact on Availability with No impact on Confidentiality and Integrity of the application.
References (2)
Core 2
Core References
Permissions Required
https://launchpad.support.sap.com/#/notes/3325642
Scores
CVSS v3
2.7
EPSS
0.0008
EPSS Percentile
24.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-732
Status
published
Products (11)
sap/netweaver
702
sap/netweaver
731
sap/netweaver
740
sap/netweaver
750
sap/netweaver
751
sap/netweaver
752
sap/netweaver
753
sap/netweaver
754
sap/netweaver
755
sap/netweaver
756
... and 1 more
Published
Jun 13, 2023
Tracked Since
Feb 18, 2026