SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Denial of Service (null pointer exception and icman outage) via an HTTPS request to the sap.com~P4TunnelingApp!web/myServlet URI, aka SAP Security Note 2313835.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/92418 | Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/95363 | Third Party Advisory VDB Entry |
https://erpscan.io/advisories/erpscan-16-033-sap-netweaver-java-icman-dos-vulnerability/ | Third Party Advisory |
Configurations
History
20 Apr 2021, 19:42
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:* | |
References | (MISC) https://erpscan.io/advisories/erpscan-16-033-sap-netweaver-java-icman-dos-vulnerability/ - Third Party Advisory | |
References | (BID) http://www.securityfocus.com/bid/95363 - Third Party Advisory, VDB Entry |
Information
Published : 2016-11-23 02:59
Updated : 2023-12-10 12:01
NVD link : CVE-2016-9562
Mitre link : CVE-2016-9562
CVE.ORG link : CVE-2016-9562
JSON object : View
Products Affected
sap
- netweaver_application_server_java
CWE
CWE-476
NULL Pointer Dereference