What is the severity of CVE-2023-29185?

The severity of CVE-2023-29185 is medium with a severity value of 6.5.

Which versions of SAP NetWeaver AS for ABAP (Business Server Pages) are affected by CVE-2023-29185?

Versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, and 757 of SAP NetWeaver AS for ABAP (Business Server Pages) are affected by CVE-2023-29185.

What can an attacker do with CVE-2023-29185?

An attacker authenticated as a non-administrative user can craft a request with certain parameters that can consume the server's resources.

How can I fix CVE-2023-29185?

Apply the necessary patches and updates provided by SAP.

Where can I find more information about CVE-2023-29185?

You can find more information about CVE-2023-29185 on the SAP support portal and SAP's official documentation.

Vulnerability/
CVE-2023-29185

medium

6.5

CWE

400

11/4/2023

18/4/2023

CVE-2023-29185

First published: Tue Apr 11 2023(Updated: )

SAP NetWeaver AS for ABAP (Business Server Pages) - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an attacker authenticated as a non-administrative user to craft a request with certain parameters in certain circumstances which can consume the server's resources sufficiently to make it unavailable over the network without any user interaction.

Credit: cna@sap.com

Affected Software	Affected Version	How to fix
SAP NetWeaver AS ABAP Business Server Pages	=700
SAP NetWeaver AS ABAP Business Server Pages	=701
SAP NetWeaver AS ABAP Business Server Pages	=702
SAP NetWeaver AS ABAP Business Server Pages	=731
SAP NetWeaver AS ABAP Business Server Pages	=740
SAP NetWeaver AS ABAP Business Server Pages	=750
SAP NetWeaver AS ABAP Business Server Pages	=751
SAP NetWeaver AS ABAP Business Server Pages	=752
SAP NetWeaver AS ABAP Business Server Pages	=753
SAP NetWeaver AS ABAP Business Server Pages	=754
SAP NetWeaver AS ABAP Business Server Pages	=755
SAP NetWeaver AS ABAP Business Server Pages	=756
SAP NetWeaver AS ABAP Business Server Pages	=757

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2023-29185?
The severity of CVE-2023-29185 is medium with a severity value of 6.5.
Which versions of SAP NetWeaver AS for ABAP (Business Server Pages) are affected by CVE-2023-29185?
Versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, and 757 of SAP NetWeaver AS for ABAP (Business Server Pages) are affected by CVE-2023-29185.
What can an attacker do with CVE-2023-29185?
An attacker authenticated as a non-administrative user can craft a request with certain parameters that can consume the server's resources.
How can I fix CVE-2023-29185?
Apply the necessary patches and updates provided by SAP.
Where can I find more information about CVE-2023-29185?
You can find more information about CVE-2023-29185 on the SAP support portal and SAP's official documentation.

collector/nvd-index
vendor/sap
canonical/sap netweaver as abap business server pages
version/sap netweaver as abap business server pages/700
version/sap netweaver as abap business server pages/701
version/sap netweaver as abap business server pages/702
version/sap netweaver as abap business server pages/731
version/sap netweaver as abap business server pages/740
version/sap netweaver as abap business server pages/750
version/sap netweaver as abap business server pages/751
version/sap netweaver as abap business server pages/752
version/sap netweaver as abap business server pages/753
version/sap netweaver as abap business server pages/754
version/sap netweaver as abap business server pages/755
version/sap netweaver as abap business server pages/756
version/sap netweaver as abap business server pages/757