CVE-2021-40495

Summary

There are multiple Denial-of Service vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755. An unauthorized attacker can use the public SICF service /sap/public/bc/abap to reduce the performance of SAP NetWeaver Application Server ABAP and ABAP Platform.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP NetWeaver AS ABAP and ABAP Platform< 740affected
SAP SESAP NetWeaver AS ABAP and ABAP Platform< 750affected
SAP SESAP NetWeaver AS ABAP and ABAP Platform< 751affected
SAP SESAP NetWeaver AS ABAP and ABAP Platform< 752affected
SAP SESAP NetWeaver AS ABAP and ABAP Platform< 753affected
SAP SESAP NetWeaver AS ABAP and ABAP Platform< 754affected
SAP SESAP NetWeaver AS ABAP and ABAP Platform< 755affected

Weaknesses

  • Denial of Service

ADP Enrichment

CVE Program Container

Additional References

References