The SAP Message Server HTTP daemon in SAP KERNEL 7.21-7.49 allows remote malicious users to cause a denial of service (memory consumption and process crash) via multiple msgserver/group?group= requests with a crafted size of the group parameter, aka SAP Security Note 2358972.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap sap kernel 7.22 |
||
sap sap kernel 7.21 |
||
sap sap kernel 7.42 |