First published: Wed Jun 09 2021(Updated: )
Credit: cna@sap.com
Affected Software | Affected Version | How to fix |
---|---|---|
SAP NetWeaver ABAP | =kernel_7.22 | |
SAP NetWeaver ABAP | =kernel_7.49 | |
SAP NetWeaver ABAP | =kernel_7.53 | |
SAP NetWeaver ABAP | =kernel_7.73 | |
SAP NetWeaver ABAP | =kernel_8.04 | |
SAP NetWeaver ABAP | =krnl32nuc_7.22 | |
SAP NetWeaver ABAP | =krnl32nuc_7.22ext | |
SAP NetWeaver ABAP | =krnl64nuc_7.22 | |
SAP NetWeaver ABAP | =krnl64nuc_7.22ext | |
SAP NetWeaver ABAP | =krnl64nuc_7.49 | |
SAP NetWeaver ABAP | =krnl64uc_7.22 | |
SAP NetWeaver ABAP | =krnl64uc_7.22ext | |
SAP NetWeaver ABAP | =krnl64uc_7.49 | |
SAP NetWeaver ABAP | =krnl64uc_7.53 | |
SAP NetWeaver ABAP | =krnl64uc_7.73 | |
SAP NetWeaver ABAP | =krnl64uc_8.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-27633 is a vulnerability in SAP NetWeaver AS for ABAP (RFC Gateway) that allows an unauthenticated attacker to send a specific request to execute a command without specific knowledge of the system.
CVE-2021-27633 affects SAP NetWeaver AS for ABAP (RFC Gateway) versions KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83.
CVE-2021-27633 has a severity rating of high (7.5).
To fix CVE-2021-27633, apply the necessary patches and updates provided by SAP, and follow the recommendations outlined in the SAP Security Note 3020209.
You can find more information about CVE-2021-27633 in the SAP Security Note 3020209 and the SAP Community Wiki page.