CVE-2023-32114: Denial of Service in SAP NetWeaver
First published: Tue Jun 13 2023(Updated: )
SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead to a limited impact on Availability with No impact on Confidentiality and Integrity of the application.
Credit: cna@sap.com cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP NetWeaver | =702 | |
| SAP NetWeaver | =731 | |
| SAP NetWeaver | =740 | |
| SAP NetWeaver | =750 | |
| SAP NetWeaver | =751 | |
| SAP NetWeaver | =752 | |
| SAP NetWeaver | =753 | |
| SAP NetWeaver | =754 | |
| SAP NetWeaver | =755 | |
| SAP NetWeaver | =756 | |
| SAP NetWeaver | =757 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2023-32114.
What is the severity of CVE-2023-32114?
The severity of CVE-2023-32114 is low.
What is the affected software?
The affected software is SAP NetWeaver (Change and Transport System) versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757.
How does CVE-2023-32114 affect the server?
CVE-2023-32114 allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable.
Where can I find more information about CVE-2023-32114?
You can find more information about CVE-2023-32114 in the SAP support note [3325642](https://launchpad.support.sap.com/#/notes/3325642) and the SAP document [fa865ea4-167e-0010-bca6-c68f7e60039b.html](https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html).
- collector/nvd-index
- agent/references
- agent/type
- agent/author
- agent/title
- agent/severity
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/description
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/sap
- canonical/sap netweaver
- version/sap netweaver/702
- version/sap netweaver/731
- version/sap netweaver/740
- version/sap netweaver/750
- version/sap netweaver/751
- version/sap netweaver/752
- version/sap netweaver/753
- version/sap netweaver/754
- version/sap netweaver/755
- version/sap netweaver/756
- version/sap netweaver/757