Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-33663


SAP NetWeaver AS ABAP, versions - KRNL32NUC - 7.22,7.22EXT, KRNL32UC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83,7.84, allows an unauthorized attacker to insert cleartext commands due to improper restriction of I/O buffering into encrypted SMTP sessions over the network which can partially impact the integrity of the application.


Published

2021-06-09T14:15:10.010

Last Modified

2024-11-21T06:09:18.563

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: PARTIAL
  • Availability Impact: NONE
Exploitability Score

10.0

Impact Score

2.9

Weaknesses
  • Type: Primary
    NVD-CWE-noinfo

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application sap netweaver_application_server_abap kernel_7.22 Yes
Application sap netweaver_application_server_abap kernel_7.49 Yes
Application sap netweaver_application_server_abap kernel_7.53 Yes
Application sap netweaver_application_server_abap kernel_7.73 Yes
Application sap netweaver_application_server_abap kernel_7.77 Yes
Application sap netweaver_application_server_abap kernel_7.81 Yes
Application sap netweaver_application_server_abap kernel_7.82 Yes
Application sap netweaver_application_server_abap kernel_7.83 Yes
Application sap netweaver_application_server_abap kernel_7.84 Yes
Application sap netweaver_application_server_abap kernel_8.04 Yes
Application sap netweaver_application_server_abap krnl32nuc_7.22 Yes
Application sap netweaver_application_server_abap krnl32nuc_7.22ext Yes
Application sap netweaver_application_server_abap krnl32uc_7.22 Yes
Application sap netweaver_application_server_abap krnl32uc_7.22ext Yes
Application sap netweaver_application_server_abap krnl64nuc_7.22 Yes
Application sap netweaver_application_server_abap krnl64nuc_7.22ext Yes
Application sap netweaver_application_server_abap krnl64nuc_7.49 Yes
Application sap netweaver_application_server_abap krnl64uc_7.22 Yes
Application sap netweaver_application_server_abap krnl64uc_7.22ext Yes
Application sap netweaver_application_server_abap krnl64uc_7.49 Yes
Application sap netweaver_application_server_abap krnl64uc_7.53 Yes
Application sap netweaver_application_server_abap krnl64uc_7.73 Yes
Application sap netweaver_application_server_abap krnl64uc_8.04 Yes

References