Rewterz Threat Alert – Chaos Ransomware – Active IOCs
November 11, 2022Rewterz Threat Advisory – Multiple SAP NetWeaver Application Server ABAP and ABAP Platform Vulnerabilities
November 11, 2022Rewterz Threat Alert – Chaos Ransomware – Active IOCs
November 11, 2022Rewterz Threat Advisory – Multiple SAP NetWeaver Application Server ABAP and ABAP Platform Vulnerabilities
November 11, 2022Severity
Medium
Analysis Summary
CVE-2022-41259
SAP SQL Anywhere is vulnerable to a denial of service, caused by improper input validation. By sending specially-crafted queries, a remote authenticated attacker could exploit this vulnerability to crash the server, and prevent legitimate users from accessing a SQL Anywhere database.
Impact
Denial of Service
Indicators Of Compromise
CVE
- CVE-2022-41259
Affected Vendors
SAP
Affected Products
SAP SQL Anywhere 17.0
Remediation
Current SAP customers should refer to SAP Security Advisory for patch information, available from the SAP Web site (login required).