Unrated severityNVD Advisory· Published Jul 14, 2021· Updated Aug 3, 2024
CVE-2021-33678
CVE-2021-33678
Description
A function module of SAP NetWeaver AS ABAP (Reconciliation Framework), versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 75A, 75B, 75B, 75C, 75D, 75E, 75F, allows a high privileged attacker to inject code that can be executed by the application. An attacker could thereby delete some critical information and could make the SAP system completely unavailable.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 75A, 75B, 75C, 75D, 75E, 75F
- SAP SE/SAP NetWeaver AS ABAP (Reconciliation Framework)v5Range: < 700
Patches
Vulnerability mechanics
References
4- packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.htmlmitrex_refsource_MISC
- seclists.org/fulldisclosure/2022/May/42mitremailing-listx_refsource_FULLDISC
- launchpad.support.sap.commitrex_refsource_MISC
- wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.