← Back

CVE-2021-33663

nvd nist
Published: Jun 9, 2021Modified: Nov 21, 2024

JSON object

Loading...
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Exploitability: 3.9 / Impact: 1.4
Source: NVD

Description

SAP NetWeaver AS ABAP, versions - KRNL32NUC - 7.22,7.22EXT, KRNL32UC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83,7.84, allows an unauthorized attacker to insert cleartext commands due to improper restriction of I/O buffering into encrypted SMTP sessions over the network which can partially impact the integrity of the application.

Affected (23)

Sap
1 product
Netweaver Application Server Abap
Configuration A
23 vulnerable
Vulnerable SoftwareAffected Versions
Sap
Netweaver Application Server Abap
Version kernel_7.22
Netweaver Application Server Abap
Version kernel_7.49
Netweaver Application Server Abap
Version kernel_7.53
Netweaver Application Server Abap
Version kernel_7.73
Netweaver Application Server Abap
Version kernel_7.77
Netweaver Application Server Abap
Version kernel_7.81
Netweaver Application Server Abap
Version kernel_7.82
Netweaver Application Server Abap
Version kernel_7.83
Netweaver Application Server Abap
Version kernel_7.84
Netweaver Application Server Abap
Version kernel_8.04
Netweaver Application Server Abap
Version krnl32nuc_7.22
Netweaver Application Server Abap
Version krnl32nuc_7.22ext
Netweaver Application Server Abap
Version krnl32uc_7.22
Netweaver Application Server Abap
Version krnl32uc_7.22ext
Netweaver Application Server Abap
Version krnl64nuc_7.22
Netweaver Application Server Abap
Version krnl64nuc_7.22ext
Netweaver Application Server Abap
Version krnl64nuc_7.49
Netweaver Application Server Abap
Version krnl64uc_7.22
Netweaver Application Server Abap
Version krnl64uc_7.22ext
Netweaver Application Server Abap
Version krnl64uc_7.49
Netweaver Application Server Abap
Version krnl64uc_7.53
Netweaver Application Server Abap
Version krnl64uc_7.73
Netweaver Application Server Abap
Version krnl64uc_8.04

References (4)

Source: cna@sap.com
Permissions RequiredVendor Advisory
Source: cna@sap.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions RequiredVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.