CVE-2021-27611

Summary

SAP NetWeaver AS ABAP, versions - 700, 701, 702, 730, 731, allow a high privileged attacker to inject malicious code by executing an ABAP report when the attacker has access to the local SAP system. The attacker could then get access to data, overwrite them, or execute a denial of service.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP NetWeaver AS ABAP< 700affected
SAP SESAP NetWeaver AS ABAP< 701affected
SAP SESAP NetWeaver AS ABAP< 702affected
SAP SESAP NetWeaver AS ABAP< 730affected
SAP SESAP NetWeaver AS ABAP< 731affected

Weaknesses

  • Code Injection

ADP Enrichment

CVE Program Container

Additional References

References