CVE-2017-7696

SAP AS JAVA SSO Authentication Library 2.0 through 3.0 allow remote attackers to cause a denial of service (memory consumption) via large…

mitre·CWE-770·Published 2017-04-14

CVSS

—

EPSS

0.36

KEV

Exploits

cve.orgen

240 chars

SAP AS JAVA SSO Authentication Library 2.0 through 3.0 allow remote attackers to cause a denial of service (memory consumption) via large values in the width and height parameters to otp_logon_ui_resources/qr, aka SAP Security Note 2389042.

NVDen

240 chars

NVDes

296 chars

SAP AS JAVA SSO Authentication Library 2.0 hasta la versión 3.0 permite a los atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de valores grandes en los parámetros de anchura y altura a otp_logon_ui_resources/qr, también conocido como SAP Security Note 2389042.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P
3.0	Primary	NVD	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H