Vulnerability Description
A function module of SAP NetWeaver AS ABAP (Reconciliation Framework), versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 75A, 75B, 75B, 75C, 75D, 75E, 75F, allows a high privileged attacker to inject code that can be executed by the application. An attacker could thereby delete some critical information and could make the SAP system completely unavailable.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sap | Netweaver Application Server Abap | 75a |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-PlaExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2022/May/42ExploitMailing ListThird Party Advisory
- https://launchpad.support.sap.com/#/notes/3048657Permissions Required
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506Vendor Advisory
- http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-PlaExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2022/May/42ExploitMailing ListThird Party Advisory
- https://launchpad.support.sap.com/#/notes/3048657Permissions Required
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506Vendor Advisory
FAQ
What is CVE-2021-33678?
CVE-2021-33678 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A function module of SAP NetWeaver AS ABAP (Reconciliation Framework), versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 75A, 75B, 75B, 75C, 75D, 75E, 75F, allows a high privileged att...
How severe is CVE-2021-33678?
CVE-2021-33678 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-33678?
Check the references section above for vendor advisories and patch information. Affected products include: Sap Netweaver Application Server Abap.