SAP Knowledge Base Article - Preview

3512138 - Is SAP SRS impacted by CVE-2024-38808 and CVE-2024-38809?

Symptom

Following vulnerabilities may be reported on standalone SAP Replication Server or ASE always-on (HADR) setup when running security scan. They are related to spring-expression and spring-web. Is SAP Replication Server impacted by these vulnerabilities?

  • CVE-2024-38808
  • CVE-2024-38809

Reported in following path:

/sybase/<SID>/DM/RMA-16_0/libs/spring/spring-core-5.3.22.jar


Read more...

Environment

  • SAP Replication Server 16.0
  • SAP Adaptive Server Enterprise 16.0 Always-on (HADR) 

Product

SAP BusinessObjects Business Intelligence platform 4.3

Keywords

CVE-2024-38808, CVE-2024-38809, vulnerability, Spring, Framework  , KBA , BC-SYB-REP , Sybase Replication Server (standalone) , BC-SYB-REP-SAP , Replication with SAP Suite / SAP BW , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.