Sap Se Sap Netweaver As For Abap vulnerabilities
5 known vulnerabilities affecting sap_se/sap_netweaver_as_for_abap.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2021-27633HIGHCVSS 7.5fixed in KRNL32NUC - 7.22fixed in 7.22EXT+12 more2021-06-09
CVE-2021-27633 [HIGH] CWE-787 CVE-2021-27633: SAP NetWeaver AS for ABAP (RFC Gateway), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22E
SAP NetWeaver AS for ABAP (RFC Gateway), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83, allows an unauthenticated attacker without specific knowledge of the system to send a specially crafted packet over a network which will trigger
cvelistv5nvd
CVE-2021-27597HIGHCVSS 7.5fixed in KRNL32NUC - 7.22fixed in 7.22EXT+12 more2021-06-09
CVE-2021-27597 [HIGH] CWE-125 CVE-2021-27597: SAP NetWeaver AS for ABAP (RFC Gateway), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22E
SAP NetWeaver AS for ABAP (RFC Gateway), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83, allows an unauthenticated attacker without specific knowledge of the system to send a specially crafted packet over a network which will trigger
cvelistv5nvd
CVE-2021-21490MEDIUMCVSS 6.1fixed in 700fixed in 702+8 more2021-06-09
CVE-2021-21490 [MEDIUM] CWE-79 CVE-2021-21490: SAP NetWeaver AS for ABAP (Web Survey), versions - 700, 702, 710, 711, 730, 731, 750, 750, 752, 75A,
SAP NetWeaver AS for ABAP (Web Survey), versions - 700, 702, 710, 711, 730, 731, 750, 750, 752, 75A, 75F, does not sufficiently encode input and output parameters which results in reflected cross site scripting vulnerability, through which a malicious user can access data relating to the current session and use it to impersonate a user and access all
cvelistv5nvd
CVE-2021-27634MEDIUMCVSS 5.9fixed in KRNL32NUC - 7.22fixed in 7.22EXT+12 more2021-06-09
CVE-2021-27634 [MEDIUM] CWE-787 CVE-2021-27634: SAP NetWeaver AS for ABAP (RFC Gateway), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22E
SAP NetWeaver AS for ABAP (RFC Gateway), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83, allows an unauthenticated attacker without specific knowledge of the system to send a specially crafted packet over a network which will trigg
cvelistv5nvd
CVE-2021-27603MEDIUMCVSS 6.5fixed in 731fixed in 740+1 more2021-04-13
CVE-2021-27603 [MEDIUM] CVE-2021-27603: An RFC enabled function module SPI_WAIT_MILLIS in SAP NetWeaver AS ABAP, versions - 731, 740, 750, a
An RFC enabled function module SPI_WAIT_MILLIS in SAP NetWeaver AS ABAP, versions - 731, 740, 750, allows to keep a work process busy for any length of time. An attacker could call this function module multiple times to block all work processes thereby causing Denial of Service and affecting the Availability of the SAP system.
cvelistv5nvd