Remote Code Execution and Denial of Service Vulnerability in SAP NetWeaver 7400.12.21.30308

Remote Code Execution and Denial of Service Vulnerability in SAP NetWeaver 7400.12.21.30308

CVE-2017-9844 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object in a request to metadatauploader, aka SAP Security Note 2399804.

Learn more about our Web Application Penetration Testing UK.