CVE-2016-9562

SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Denial of Service (null pointer exception and icman outage) via an HTTPS request to the sap.com~P4TunnelingApp!web/myServlet URI, aka SAP Security Note 2313835.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*

History

20 Apr 2021, 19:42

Type Values Removed Values Added
CPE cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:* cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*
References (MISC) https://erpscan.io/advisories/erpscan-16-033-sap-netweaver-java-icman-dos-vulnerability/ - (MISC) https://erpscan.io/advisories/erpscan-16-033-sap-netweaver-java-icman-dos-vulnerability/ - Third Party Advisory
References (BID) http://www.securityfocus.com/bid/95363 - (BID) http://www.securityfocus.com/bid/95363 - Third Party Advisory, VDB Entry

Information

Published : 2016-11-23 02:59

Updated : 2023-12-10 12:01


NVD link : CVE-2016-9562

Mitre link : CVE-2016-9562

CVE.ORG link : CVE-2016-9562


JSON object : View

Products Affected

sap

  • netweaver_application_server_java
CWE
CWE-476

NULL Pointer Dereference