Internet Communication Manager (aka ICMAN.exe or ICM) in SAP NetWeaver Application Server 6.x and 7.x, possibly only on Windows, allows remote malicious users to cause a denial of service (process crash) via a URI of a certain length that contains a sap-isc-key parameter, related to configuration of a web cache.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap internet_communication_manager |
||
sap sap_web_application_server 6.10 |
||
sap sap_web_application_server 6.20 |
||
sap sap_web_application_server 6.40 |
||
sap sap_web_application_server 7.0 |
||
sap sap_web_application_server 7.0.10 |