CVE-2021-33678

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP (Reconciliation Framework) versions 700 through 75F

Description: A function module in the Reconciliation Framework of SAP NetWeaver AS ABAP allows a high-privileged attacker to inject code that can be executed by the application. This could lead to the deletion of critical information and potentially make the SAP system completely unavailable.

Recommendations: For versions 700 through 75F, consider temporarily restricting access to the vulnerable function module until a patch is available. As a mitigation measure, limit the privileges of users who can interact with this module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.