CVE-2021-33663 vulnerability in SAP Products
Published on June 9, 2021
SAP NetWeaver AS ABAP, versions - KRNL32NUC - 7.22,7.22EXT, KRNL32UC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83,7.84, allows an unauthorized attacker to insert cleartext commands due to improper restriction of I/O buffering into encrypted SMTP sessions over the network which can partially impact the integrity of the application.
Products Associated with CVE-2021-33663
stack.watch emails you whenever new vulnerabilities are published in SAP Netweaver As Abap or SAP Netweaver Application Server Abap. Just hit a watch button to start following.
Affected Versions
SAP SE SAP NetWeaver AS ABAP:- Version < KRNL32NUC - 7.22 is affected.
- Version < 7.22EXT is affected.
- Version < KRNL32UC - 7.22 is affected.
- Version < KRNL64NUC - 7.22 is affected.
- Version < 7.49 is affected.
- Version < KRNL64UC - 8.04 is affected.
- Version < 7.22 is affected.
- Version < 7.53 is affected.
- Version < 7.73 is affected.
- Version < KERNEL - 7.22 is affected.
- Version < 8.04 is affected.
- Version < 7.77 is affected.
- Version < 7.81 is affected.
- Version < 7.82 is affected.
- Version < 7.83 is affected.
- Version < 7.84 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.