Loading
SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information.
Use CWE-787, Sap vendor hub and Commoncryptolib product page to widen CVE-2023-40308 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2023-40309, CVE-2021-38177 and CVE-2014-8587 for nearby disclosures in the same product family. Additional editorial context is available in The Weekly Cybersecurity Brief: February 13th, 2026.