SAP Knowledge Base Article - Preview

3507297 - Is SAP SRS impacted by CVE-2023-4807 and CVE-2024-5535? - SAP SRS

Symptom

The following vulnerabilities may be reported on a standalone SAP Replication Server or an ASE Always-on (HADR) setup when running a security scan. They relate to the OpenSSL binary and libraries. Is SAP Replication Server impacted by these vulnerabilities?

CVE-2023-4807 
CVE-2024-5535

They are reported in the following paths:

/sybase/SID/DM/REP-16_0/lib3p64/openssl/lib/libssl.so.1.1 
/sybase/SID/DM/REP-16_0/lib3p64/openssl/lib/libssl.so 
/sybase/SID/DM/REP-16_0/lib3p64/openssl/lib/libcrypto.so.1.1 
/sybase/SID/DM/REP-16_0/lib3p64/openssl/lib/libcrypto.so 
/sybase/SID/DM/REP-16_0/bin/openssl 
/sybase/SID/DM/REP-16_0/ASA17/OCS/OCS-16_0/bin/openssl 
 



Environment

  • SAP Replication Server 16.0
  • SAP Adaptive Server Enterprise 16.0 Always-on (HADR) 

Product

SAP Replication Server all versions

Keywords

CVE-2023-4807, CVE-2024-5535, openssl, KBA, BC-SYB-REP, Sybase Replication Server (standalone), BC-SYB-REP-SAP, Replication with SAP Suite / SAP BW, Problem
