PT-2021-17540 · Sap · Sap Netweaver Abap Server+1

Published

2021-04-14

Updated

2021-08-27

CVE-2021-27604

CVSS v3.1

7.7

High

Vector

AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions SAP NetWeaver ABAP Server and ABAP Platform versions 7.10 through 7.50

Description The issue concerns an XML External Entity vulnerability in the Process Integration - Enterprise Service Repository JAVA Mappings component. To address this, SAP recommends referring to a specific note for guidance.

Recommendations For versions 7.10 through 7.50, refer to the recommended note by SAP to prevent the XML External Entity vulnerability.

Fix

XXE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-611

Related Identifiers

CVE-2021-27604

Affected Products

Abap Platform

Sap Netweaver Abap Server

PT-2021-17540 · Sap · Sap Netweaver Abap Server+1

CVE-2021-27604

Weakness Enumeration

Related Identifiers

Affected Products

References · 5