Denial of Service Vulnerability in SAP AS JAVA SSO Authentication Library

Denial of Service Vulnerability in SAP AS JAVA SSO Authentication Library

CVE-2017-7696 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

SAP AS JAVA SSO Authentication Library 2.0 through 3.0 allow remote attackers to cause a denial of service (memory consumption) via large values in the width and height parameters to otp_logon_ui_resources/qr, aka SAP Security Note 2389042.

Learn more about our Web Application Penetration Testing UK.