Home
CRITICAL: 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:HDefault status
unaffected
SAP Approuter node.js package < 20.10.0
affected
Description
Due to an HTTP Request Smuggling vulnerability in SAP Approuter, an unauthenticated attacker could send a specially crafted HTTP request that leads to request-response desynchronization. This could result in the exposure of user responses and cause the system to become unavailable. This leads to a high impact on confidentiality and availability.
Problem types
CWE-444: Inconsistent Interpretation of HTTP Requests
Product status
SAP Approuter node.js package < 20.10.0