CVE-2024-30218
MEDIUMSAP NetWeaver AS ABAP and ABAP Platform - Denial of Service via Multiple Binds to the Same Port
Title source: llmDescription
The ABAP Application Server of SAP NetWeaver as well as ABAP Platform allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. This leads to a considerable impact on availability.
References (2)
Core 2
Core References
Various Sources
https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364
Vendor Advisory
https://me.sap.com/notes/3359778
Scores
CVSS v3
6.5
EPSS
0.0022
EPSS Percentile
44.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-605
Status
published
Products (12)
SAP_SE/SAP NetWeaver AS ABAP and ABAP Platform
KERNEL 7.22
SAP_SE/SAP NetWeaver AS ABAP and ABAP Platform
KERNEL 7.53
SAP_SE/SAP NetWeaver AS ABAP and ABAP Platform
KERNEL 7.54
SAP_SE/SAP NetWeaver AS ABAP and ABAP Platform
KERNEL 7.77
SAP_SE/SAP NetWeaver AS ABAP and ABAP Platform
KERNEL 7.85
SAP_SE/SAP NetWeaver AS ABAP and ABAP Platform
KERNEL 7.89
SAP_SE/SAP NetWeaver AS ABAP and ABAP Platform
KERNEL 7.93
SAP_SE/SAP NetWeaver AS ABAP and ABAP Platform
KRNL64NUC 7.22
SAP_SE/SAP NetWeaver AS ABAP and ABAP Platform
KRNL64NUC 7.22EXT
SAP_SE/SAP NetWeaver AS ABAP and ABAP Platform
KRNL64UC 7.22
... and 2 more
Published
Apr 09, 2024
Tracked Since
Feb 18, 2026