CVE-2023-40308

SAP CommonCryptoLib allows an unauthenticated attacker to craft a request which, when submitted to an open port, causes a memory corruption error in a library, which in turn causes the target component to crash, making it unavailable. There is no ability to view or modify any information.

  • Published: Sep 12, 2023
  • Updated: May 4, 2025
  • CVE: CVE-2023-40308
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWEs:

| Software | From | Fixed in |
|---|---|---|
| sap / netweaver_application_server_abap | kernel_7.53 | kernel_7.53.x |
| sap / netweaver_application_server_abap | kernel_7.77 | kernel_7.77.x |
| sap / web_dispatcher | 7.53 | 7.53.x |
| sap / web_dispatcher | 7.77 | 7.77.x |
| sap / web_dispatcher | 7.22ext | 7.22ext.x |
| sap / content_server | 7.53 | 7.53.x |
| sap / web_dispatcher | 7.85 | 7.85.x |
| sap / netweaver_application_server_abap | kernel_7.22 | kernel_7.22.x |
| sap / netweaver_application_server_abap | kernel_8.04 | kernel_8.04.x |
| sap / netweaver_application_server_abap | 7.22ext | 7.22ext.x |
| sap / netweaver_application_server_abap | kernel_7.85 | kernel_7.85.x |
| sap / web_dispatcher | 7.89 | 7.89.x |
| sap / web_dispatcher | 7.54 | 7.54.x |
| sap / netweaver_application_server_abap | kernel_7.89 | kernel_7.89.x |
| sap / netweaver_application_server_abap | kernel_7.54 | kernel_7.54.x |
| sap / netweaver_application_server_abap | kernel_7.92 | kernel_7.92.x |
| sap / netweaver_application_server_abap | kernel_7.93 | kernel_7.93.x |
| sap / content_server | 6.50 | 6.50.x |
| sap / content_server | 7.54 | 7.54.x |
| sap / hana_database | 2.0 | 2.0.x |
| sap / host_agent | 722 | 722.x |
| sap / extended_application_services_and_runtime | 1.0 | 1.0.x |
| sap / sapssoext | 17.0 | 17.0.x |
| sap / commoncryptolib | 8.0.0 | 8.0.0.x |
| sap / netweaver_application_server_java | kernel64nuc_7.22 | kernel64nuc_7.22.x |
| sap / netweaver_application_server_java | kernel64nuc_7.22ext | kernel64nuc_7.22ext.x |
| sap / netweaver_application_server_java | kernel64uc_7.22 | kernel64uc_7.22.x |
| sap / netweaver_application_server_java | kernel64uc_7.22ext | kernel64uc_7.22ext.x |
| sap / netweaver_application_server_java | kernel64uc_7.53 | kernel64uc_7.53.x |
| sap / netweaver_application_server_java | kernel64uc_8.04 | kernel64uc_8.04.x |
| sap / netweaver_application_server_java | kernel_7.22 | kernel_7.22.x |
| sap / netweaver_application_server_java | kernel_7.53 | kernel_7.53.x |
| sap / netweaver_application_server_java | kernel_7.54 | kernel_7.54.x |
| sap / netweaver_application_server_java | kernel_7.77 | kernel_7.77.x |
| sap / netweaver_application_server_java | kernel_7.85 | kernel_7.85.x |
| sap / netweaver_application_server_java | kernel_7.89 | kernel_7.89.x |
| sap / netweaver_application_server_java | kernel_7.91 | kernel_7.91.x |
| sap / netweaver_application_server_java | kernel_7.92 | kernel_7.92.x |
| sap / netweaver_application_server_java | kernel_7.93 | kernel_7.93.x |
| sap / netweaver_application_server_java | kernel_8.04 | kernel_8.04.x |
| sap / netweaver_application_server_abap | kernel64nuc_7.22 | kernel64nuc_7.22.x |
| sap / netweaver_application_server_abap | kernel64nuc_7.22ext | kernel64nuc_7.22ext.x |
| sap / netweaver_application_server_abap | kernel64uc_7.22 | kernel64uc_7.22.x |
| sap / netweaver_application_server_abap | kernel64uc_7.22ext | kernel64uc_7.22ext.x |
| sap / netweaver_application_server_abap | kernel64uc_7.53 | kernel64uc_7.53.x |
| sap / netweaver_application_server_abap | kernel64uc_8.04 | kernel64uc_8.04.x |
| sap / netweaver_application_server_abap | kernel_7.91 | kernel_7.91.x |