CVE-2021-27603 vulnerability in SAP Products
Published on April 13, 2021

An RFC enabled function module SPI_WAIT_MILLIS in SAP NetWeaver AS ABAP, versions - 731, 740, 750, allows to keep a work process busy for any length of time. An attacker could call this function module multiple times to block all work processes thereby causing Denial of Service and affecting the Availability of the SAP system.

NVD

Products Associated with CVE-2021-27603

stack.watch emails you whenever new vulnerabilities are published in SAP Netweaver As Abap or SAP Netweaver Application Server Abap. Just hit a watch button to start following.

SAP Netweaver As Abap

SAP Netweaver Application Server Abap

Affected Versions

SAP SE SAP NetWeaver AS for ABAP:

Version < 731 is affected.
Version < 740 is affected.
Version < 750 is affected.

Exploit Probability

EPSS

0.45%

Percentile

63.19%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-27603 vulnerability in SAP ProductsPublished on April 13, 2021

Products Associated with CVE-2021-27603

Affected Versions

Exploit Probability

CVE-2021-27603 vulnerability in SAP Products
Published on April 13, 2021