CVE-2021-27607

Name of the Vulnerable Software and Affected Versions SAP NetWeaver ABAP Server and ABAP Platform (Dispatcher) versions 7.22 through 7.83

Description The issue allows an unauthenticated attacker without specific knowledge of the system to send a specially crafted packet over a network, triggering an internal error in the system due to improper input validation in the ThSncIn() method. This causes the system to crash and renders it unavailable. In this attack, no data in the system can be viewed or modified.

Recommendations For SAP NetWeaver ABAP Server and ABAP Platform (Dispatcher) version 7.22, update to a version outside of the affected range. For SAP NetWeaver ABAP Server and ABAP Platform (Dispatcher) versions 7.22EXT through 7.83, update to a version outside of the affected range. At the moment, there is no information about a newer version that contains a fix for this vulnerability.