SAP Web Dispatcher (WEBDISP 7.53-7.93) Memory Corruption High Impact
CVE-2023-35871 Published on July 11, 2023
Memory Corruption vulnerability in SAP Web Dispatcher
SAP Web Dispatcher, versions WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.85, WEBDISP 7.89, WEBDISP 7.91, WEBDISP 7.92, WEBDISP 7.93, KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KRNL64UC 7.53, HDB 2.00, XS_ADVANCED_RUNTIME 1.00, SAP_EXTENDED_APP_SERVICES 1, has a vulnerability that an unauthenticated attacker can exploit to cause memory corruption through logical errors in memory management. This may lead to information disclosure or system crashes, with low impact on confidentiality and high impact on the integrity and availability of the system.
Vulnerability Analysis
CVE-2023-35871 can be exploited with network access and requires neither authorization privileges nor user interaction. The vulnerability is considered to have a high level of attack complexity. A successful exploit is considered to have a small impact on confidentiality and a high impact on integrity and availability.
Weakness Type
What is a Memory Corruption Vulnerability?
The software writes data past the end, or before the beginning, of the intended buffer. Typically, this can result in corruption of data, a crash, or code execution. The software may modify an index or perform pointer arithmetic that references a memory location that is outside of the boundaries of the buffer. A subsequent write operation then produces undefined or unexpected results.
CVE-2023-35871 has been classified as a Memory Corruption vulnerability or weakness.
Products Associated with CVE-2023-35871
Affected Versions
SAP_SE SAP Web Dispatcher:
- Version WEBDISP 7.53 is affected.
- Version WEBDISP 7.54 is affected.
- Version WEBDISP 7.77 is affected.
- Version WEBDISP 7.85 is affected.
- Version WEBDISP 7.89 is affected.
- Version WEBDISP 7.91 is affected.
- Version WEBDISP 7.92 is affected.
- Version WEBDISP 7.93 is affected.
- Version KERNEL 7.53 is affected.
- Version KERNEL 7.54 is affected.
- Version KERNEL 7.77 is affected.
- Version KERNEL 7.85 is affected.
- Version KERNEL 7.89 is affected.
- Version KERNEL 7.91 is affected.
- Version KERNEL 7.92 is affected.
- Version KERNEL 7.93 is affected.
- Version KRNL64UC 7.53 is affected.
- Version HDB 2.00 is affected.
- Version XS_ADVANCED_RUNTIME 1.00 is affected.
- Version SAP_EXTENDED_APP_SERVICES 1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.