VYPR
Unrated severityNVD Advisory· Published Apr 13, 2021· Updated Aug 3, 2024

CVE-2021-27603

CVE-2021-27603

Description

An RFC enabled function module SPI_WAIT_MILLIS in SAP NetWeaver AS ABAP, versions - 731, 740, 750, allows to keep a work process busy for any length of time. An attacker could call this function module multiple times to block all work processes thereby causing Denial of Service and affecting the Availability of the SAP system.

Affected products

2
  • Range: 731, 740, 750
  • SAP SE/SAP NetWeaver AS for ABAPv5
    Range: < 731

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.