Vulnerability Details CVE-2017-14581
The Host Control web service in SAP NetWeaver AS JAVA 7.0 through 7.5 allows remote attackers to cause a denial of service (service crash) via a crafted request, aka SAP Security Note 2389181.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2017-14581
-
cpe:2.3:a:sap:netweaver_application_server_java:7.00
-
cpe:2.3:a:sap:netweaver_application_server_java:7.01
-
cpe:2.3:a:sap:netweaver_application_server_java:7.02
-
cpe:2.3:a:sap:netweaver_application_server_java:7.05
-
cpe:2.3:a:sap:netweaver_application_server_java:7.1
-
cpe:2.3:a:sap:netweaver_application_server_java:7.10
-
cpe:2.3:a:sap:netweaver_application_server_java:7.11
-
cpe:2.3:a:sap:netweaver_application_server_java:7.2
-
cpe:2.3:a:sap:netweaver_application_server_java:7.20
-
cpe:2.3:a:sap:netweaver_application_server_java:7.21
-
cpe:2.3:a:sap:netweaver_application_server_java:7.22
-
cpe:2.3:a:sap:netweaver_application_server_java:7.3
-
cpe:2.3:a:sap:netweaver_application_server_java:7.30
-
cpe:2.3:a:sap:netweaver_application_server_java:7.31
-
cpe:2.3:a:sap:netweaver_application_server_java:7.4
-
cpe:2.3:a:sap:netweaver_application_server_java:7.40
-
cpe:2.3:a:sap:netweaver_application_server_java:7.45
-
cpe:2.3:a:sap:netweaver_application_server_java:7.49
-
cpe:2.3:a:sap:netweaver_application_server_java:7.5
-
cpe:2.3:a:sap:netweaver_application_server_java:7.50