|Number of vulnerabilities||1|
|CVE ID|| CVE-2017-9845
|CWE ID|| CWE-400
|Public exploit||Not available|
|Vulnerable software versions||
SAP NetWeaver 7.4
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in SAP NetWeaver Dynpro Engine due to improper handling of DIAG requests by the disp+work process port. A remote attacker can send a specially crafted DIAG request, trigger resource exhaustion and cause the service to crash.Remediation
Install update from vendor's website.