Vulnerabilities > CVE-2021-40495 - Unspecified vulnerability in SAP Netweaver Abap and Netweaver Application Server Abap

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

LOW

network

low complexity

sap

NVD

Published: 2021-10-12

Updated: 2022-10-06

Summary

There are multiple Denial-of Service vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755. An unauthorized attacker can use the public SICF service /sap/public/bc/abap to reduce the performance of SAP NetWeaver Application Server ABAP and ABAP Platform.

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP Netweaver Application Server Abap 750 SAP Netweaver Application Server Abap 752 SAP Netweaver Application Server Abap 753 SAP Netweaver Application Server Abap 754 SAP Netweaver Application Server Abap 755 SAP Netweaver Application Server Abap 740 SAP Netweaver Application Server Abap 751 SAP Netweaver Abap 740 SAP Netweaver Abap 750 SAP Netweaver Abap 751 SAP Netweaver Abap 752 SAP Netweaver Abap 753 SAP Netweaver Abap 754 SAP Netweaver Abap 755	14

Summary

Vulnerable Configurations

References