CVE-2024-34688

Due to unrestricted access to the Meta Model Repository services in SAP NetWeaver AS Java, attackers can perform DoS attacks on the application, which may prevent legitimate users from accessing it. This can result in no impact on confidentiality and integrity but a high impact on the availability of the application.

Published: Jun 11, 2024
Updated: Aug 10, 2024
CVE: CVE-2024-34688
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-400

Affected Software
References

Software	From	Fixed in
sap / netweaver_application_server_java	mmr_server_7.5	mmr_server_7.5.x

https://me.sap.com/notes/3460407
https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html

Vulnerability Database

289,697

CVE-2024-34688