First published: Wed Jun 09 2021(Updated: )
Credit: cna@sap.com
Affected Software | Affected Version | How to fix |
---|---|---|
SAP NetWeaver ABAP | =kernel_7.22 | |
SAP NetWeaver ABAP | =kernel_7.49 | |
SAP NetWeaver ABAP | =kernel_7.53 | |
SAP NetWeaver ABAP | =kernel_7.73 | |
SAP NetWeaver ABAP | =kernel_8.04 | |
SAP NetWeaver ABAP | =krnl32nuc_7.22 | |
SAP NetWeaver ABAP | =krnl32nuc_7.22ext | |
SAP NetWeaver ABAP | =krnl64nuc_7.22 | |
SAP NetWeaver ABAP | =krnl64nuc_7.22ext | |
SAP NetWeaver ABAP | =krnl64nuc_7.49 | |
SAP NetWeaver ABAP | =krnl64uc_7.22 | |
SAP NetWeaver ABAP | =krnl64uc_7.22ext | |
SAP NetWeaver ABAP | =krnl64uc_7.49 | |
SAP NetWeaver ABAP | =krnl64uc_7.53 | |
SAP NetWeaver ABAP | =krnl64uc_7.73 | |
SAP NetWeaver ABAP | =krnl64uc_8.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-27597 is a vulnerability in SAP NetWeaver AS for ABAP (RFC Gateway) that allows an unauthenticated attacker to send a specific request to the system.
The severity of CVE-2021-27597 is high with a CVSS score of 7.5.
CVE-2021-27597 affects multiple versions of SAP NetWeaver AS for ABAP including KRNL32NUC - 7.22, KRNL64NUC - 7.22, 7.49, KRNL64UC - 8.04, 7.22, 7.49, 7.53, and 7.73.
An attacker can exploit CVE-2021-27597 by sending a specific request to the SAP NetWeaver AS for ABAP (RFC Gateway) without authentication.
You can find more information about CVE-2021-27597 in the SAP Support Portal and the SAP Community Network.