SAP NetWeaver Business Warehouse CCAW High CPU Load Vulnerability via RFC Function Modules

Vulnerability

A vulnerability in the SAP NetWeaver Business Warehouse CCAW application allows a privileged attacker to induce a high CPU load. This is achieved by executing Remote Function Call (RFC) enabled function modules without any input parameters. The exploitation of this vulnerability leads to decreased performance or disrupted operation of the affected resource, causing a low impact on the application's availability. There is no impact on confidentiality or integrity.

Impact

Exploitation of this vulnerability causes a high CPU load, leading to reduced performance or interrupted operation of the affected resource, according to SAP.

Remediation

SAP Security Notes contain guidance on addressing vulnerabilities. Access SAP Security Notes through the SAP for Me platform, selecting 'All Security Notes' for the complete list. For SAP NetWeaver based products, security fixes are delivered with support packages. Consult the SAP Security Notes FAQ for details on the security patching process.

Added: Jul 8, 2025, 2:00 AM
Updated: Jul 8, 2025, 2:00 AM

Vulnerability Rating

Custom Algorithm
spread: 2.6
impact: 0.6
exploitability: 4.9
remediation: 8.3
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.