PT-2021-17552 · SAP · SAP Process Integration

Published: 2021-05-11 · Updated: 2021-08-27 · CVE-2021-27617

CVSS v3.1: 4.9 (Medium)

Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: SAP Process Integration versions 7.10 through 7.50

Description: The issue arises from insufficient validation of an XML document uploaded from a local source by the Integration Builder Framework. This can be exploited by an attacker crafting a malicious XML document. When the application uploads and parses this document, it could lead to denial-of-service conditions due to excessive system memory consumption, significantly impacting system availability.

Recommendations: For versions 7.10 through 7.50, update the Integration Builder Framework to a version that properly validates XML documents uploaded from local sources to prevent denial-of-service conditions.

Fix

RCE


Weakness Enumeration

Related Identifiers

CVE-2021-27617

Affected Products

SAP Process Integration