CVE-2021-33683

🗓️ 14 Jul 2021 11:04:45Reported by sapType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 47 Views

SAP Web Dispatcher and ICM (KRNL32NUC 7.21, KRNL32UC 7.21, KRNL64NUC 7.21, KRNL64UC 7.21, 7.49) process invalid HTTP header leading to HTTP Request Smuggling attack

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2021-33683	14 Jul 202116:20	–	circl
CNNVD	SAP Web Dispatcher 和 Internet Communication Manager 环境问题漏洞	13 Jul 202100:00	–	cnnvd
Cvelist	CVE-2021-33683	14 Jul 202111:04	–	cvelist
EUVD	EUVD-2021-20360	7 Oct 202500:30	–	euvd
NCSC	Vulnerabilities fixed in SAP products	14 Dec 202100:00	–	ncsc
NCSC	Vulnerabilities fixed in SAP products	11 Apr 202300:00	–	ncsc
NVD	CVE-2021-33683	14 Jul 202112:15	–	nvd
Prion	Design/Logic Flaw	14 Jul 202112:15	–	prion
Positive Technologies	PT-2021-20261 · Sap · Sap Web Dispatcher +1	14 Jul 202100:00	–	ptsecurity
RedhatCVE	CVE-2021-33683	9 Jan 202609:20	–	redhatcve

NVD

Vulners

Node

sap web_dispatcherMatch7.8_kernel_7.21

sap web_dispatcherMatch7.21ext

sap web_dispatcherMatch7.22

sap web_dispatcherMatch7.22ext

sap web_dispatcherMatch7.49

sap web_dispatcherMatch7.53

sap web_dispatcherMatch7.73

sap web_dispatcherMatch7.77

sap web_dispatcherMatch7.81

sap web_dispatcherMatch7.82

sap web_dispatcherMatchkrnl32nuc_7.21

sap web_dispatcherMatchkrnl32uc_7.21

sap web_dispatcherMatchkrnl64nuc_7.21

sap web_dispatcherMatchkrnl64uc_7.21

sap web_dispatcherMatchwebdisp_7.53

Node

sap internet_communication_managerMatch7.21ext

sap internet_communication_managerMatch7.22

sap internet_communication_managerMatch7.22ext

sap internet_communication_managerMatch7.49

sap internet_communication_managerMatch7.53

sap internet_communication_managerMatch7.73

sap internet_communication_managerMatch7.77

sap internet_communication_managerMatch7.81

sap internet_communication_managerMatch7.82

sap internet_communication_managerMatchkernel_7.21

sap internet_communication_managerMatchkrnl32nuc_7.21

sap internet_communication_managerMatchkrnl32uc_7.21

sap internet_communication_managerMatchkrnl64nuc_7.21

sap internet_communication_managerMatchkrnl64uc_7.21

sap internet_communication_managerMatchwebdisp_7.53

[
  {
    "product": "SAP Web Dispatcher and Internet Communication Manager",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< KRNL32NUC 7.21"
      },
      {
        "status": "affected",
        "version": "< 7.21EXT"
      },
      {
        "status": "affected",
        "version": "< 7.22"
      },
      {
        "status": "affected",
        "version": "< 7.22EXT"
      },
      {
        "status": "affected",
        "version": "< KRNL32UC 7.21"
      },
      {
        "status": "affected",
        "version": "< KRNL64NUC 7.21"
      },
      {
        "status": "affected",
        "version": "< 7.49"
      },
      {
        "status": "affected",
        "version": "< KRNL64UC 7.21"
      },
      {
        "status": "affected",
        "version": "< 7.53"
      },
      {
        "status": "affected",
        "version": "< 7.73"
      },
      {
        "status": "affected",
        "version": "< WEBDISP 7.53"
      },
      {
        "status": "affected",
        "version": "< 7.77"
      },
      {
        "status": "affected",
        "version": "< 7.81"
      },
      {
        "status": "affected",
        "version": "< 7.82"
      },
      {
        "status": "affected",
        "version": "< 7.83"
      },
      {
        "status": "affected",
        "version": "< KERNEL 7.21"
      }
    ]
  }
]

Source	Link
launchpad	www.launchpad.support.sap.com/
wiki	www.wiki.scn.sap.com/wiki/pages/viewpage.action

21 Nov 2024 06:09Current

4.6Medium risk

Vulners AI Score4.6

CVSS 24

CVSS 3.14.3

CVSS 35.4

EPSS0.00157

CWE-444