CVE-2009-4603

{"id": "CVE-2009-4603", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-01-12T17:30:01.197", "references": [{"url": "http://secunia.com/advisories/37684", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.cybsec.com/vuln/CYBSEC_SAP_sapstartsrv_DoS.pdf", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/37286", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1023319", "source": "cve@mitre.org"}, {"url": "https://service.sap.com/sap/support/notes/1302231", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/37684", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.cybsec.com/vuln/CYBSEC_SAP_sapstartsrv_DoS.pdf", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/37286", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1023319", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://service.sap.com/sap/support/notes/1302231", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in sapstartsrv.exe in the SAP Kernel 6.40, 7.00, 7.01, 7.10, 7.11, and 7.20, as used in SAP NetWeaver 7.x and SAP Web Application Server 6.x and 7.x, allows remote attackers to cause a denial of service (Management Console shutdown) via a crafted request. NOTE: some of these details are obtained from third party information."}, {"lang": "es", "value": "vulnerabilidad inespec\u00edfica en sapstartsrv.exe en el kernel SAP v6.40, v7.00, v7.01, v7.10, v7.11, y v7.20, tal y como se utiliza en SAP NetWeaver v7.x y SAP Web Application Server v6.x y v7.x, permite a atacantes remotos producir una denegaci\u00f3n de servicio (apagado de la consola de administraci\u00f3n) a trav\u00e9s de una petici\u00f3n manipulada."}], "lastModified": "2024-11-21T01:10:01.607", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sap:sap_kernel:6.40:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "548D937D-FF7F-4B5B-98A2-50F5FBA7875D"}, {"criteria": "cpe:2.3:a:sap:sap_kernel:7.00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA732B51-EF58-41D1-A012-195847AE9CC1"}, {"criteria": "cpe:2.3:a:sap:sap_kernel:7.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78E8D3B9-CAF2-47FD-93C7-CCF6554BBA49"}, {"criteria": "cpe:2.3:a:sap:sap_kernel:7.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B8965F9-F10A-4F6A-830C-7D5D4596AA26"}, {"criteria": "cpe:2.3:a:sap:sap_kernel:7.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B09614D3-0B53-48FC-9E1F-05384AEFBE57"}, {"criteria": "cpe:2.3:a:sap:sap_kernel:7.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "633CC2AD-4B48-4473-A818-93E40DCBEFBE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sap:sap_netweaver:7.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "813CC383-4123-45B0-A58A-78A8DC71FFE7"}, {"criteria": "cpe:2.3:a:sap:sap_web_application_server:6.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FC17AFFF-324D-40F5-9305-1A049E16B7A3"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}