CVE-2021-27621

Summary

Information Disclosure vulnerability in UserAdmin application in SAP NetWeaver Application Server for Java, versions - 7.11,7.20,7.30,7.31,7.40 and 7.50 allows attackers to access restricted information by entering malicious server name.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP NetWeaver AS for Java (UserAdmin)< 7.11affected
SAP SESAP NetWeaver AS for Java (UserAdmin)< 7.20affected
SAP SESAP NetWeaver AS for Java (UserAdmin)< 7.30affected
SAP SESAP NetWeaver AS for Java (UserAdmin)< 7.31affected
SAP SESAP NetWeaver AS for Java (UserAdmin)< 7.40affected
SAP SESAP NetWeaver AS for Java (UserAdmin)< 7.50affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References