Application: SAP NetWeaver AS JAVA
Versions Affected: SAP NetWeaver 7.5
Vendor URL: SAP
Bugs: Denial of Service
Vendor response: 23.04.2016
Date of Public Advisory: 12.07.2016
Reference: SAP Security Note 2315788
Author: Mathieu Geli (ERPScan)
An attacker can use special HTTP request in order to force a server to deserialize evil objects, which results in denial of service.
An attacker can use a Denial-of-service vulnerability to terminate a process of a vulnerable component. For this time nobody can use this service, this fact negatively influences on business processes, system downtime and, as a result, business reputation.