[ERPSCAN-16-018] SAP JAVA AS jstart – DoS vulnerability
Application: SAP JAVA AS
Versions Affected: SAP JAVA AS 7.2 – 7.4
Vendor URL: SAP
Bugs: Denial of Service
Vendor response: 05.12.2015
Date of Public Advisory: 14.03.2016
Reference: SAP Security Note 2259547
Author: Dmitry Yudin (ERPScan) @ret5et
Class: denial of service
Impact: denial of service
Remotely Exploitable: Yes
Locally Exploitable: No
CVSS Base Score v3: 7.5 / 10
CVSS Base Vector:
| Metric | Value |
|---|---|
| AV: Attack Vector (Related exploit range) | Network (N) |
| AC: Attack Complexity (Required attack complexity) | Low (L) |
| PR: Privileges Required (Level of privileges needed to exploit) | None (N) |
| UI: User Interaction (Required user participation) | None (N) |
| S: Scope (Change in scope due to impact caused to components beyond the vulnerable component) | Unchanged (U) |
| C: Impact to Confidentiality | None (N) |
| I: Impact to Integrity | None (N) |
| A: Impact to Availability | High (H) |
DESCRIPTION
The Java Startup Framework (jstart) in SAP JAVA AS 7.4 allows remote attackers to cause a denial of service via a crafted HTTP request.
A denial-of-service vulnerability lets an attacker terminate a process of the vulnerable component. As a result, the service becomes unavailable to all users, which disrupts the business processes that depend on it. The resulting system downtime also harms business reputation.
VULNERABLE PACKAGES
SAP NetWeaver AS JAVA 7.2 – 7.4
Other versions are probably affected too, but they were not checked.
SOLUTIONS AND WORKAROUNDS
To correct this vulnerability, install SAP Security Note 2259547.
TECHNICAL DESCRIPTION
An anonymous attacker can use a specially crafted HTTP request to cause a denial of service in SAP AS JAVA.