CVE-2009-4603

high

Description

Unspecified vulnerability in sapstartsrv.exe in the SAP Kernel 6.40, 7.00, 7.01, 7.10, 7.11, and 7.20, as used in SAP NetWeaver 7.x and SAP Web Application Server 6.x and 7.x, allows remote attackers to cause a denial of service (Management Console shutdown) via a crafted request. NOTE: some of these details are obtained from third party information.

References

https://service.sap.com/sap/support/notes/1302231

http://www.securitytracker.com/id?1023319

http://www.securityfocus.com/bid/37286

http://www.cybsec.com/vuln/CYBSEC_SAP_sapstartsrv_DoS.pdf

http://secunia.com/advisories/37684

Details

Source: Mitre, NVD

Published: 2010-01-12

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High

EPSS

EPSS: 0.00672