CVE-2021-21485

🗓️ 13 Apr 2021 18:44:47Reported by sapType

Unauthorized access via SAP NetWeaver AS Jav

Reporter	Title	Published	Views	Family All 10
CNNVD	SAP NetWeaver Application Server 信息泄露漏洞	13 Apr 202100:00	–	cnnvd
CNVD	SAP NetWeaver Application Server for Java Information Disclosure Vulnerability	16 Apr 202100:00	–	cnvd
CVE	CVE-2021-21485	13 Apr 202118:44	–	cve
EUVD	EUVD-2021-8758	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in SAP Netweaver products	13 Apr 202100:00	–	ncsc
NVD	CVE-2021-21485	13 Apr 202119:15	–	nvd
OSV	CVE-2021-21485	13 Apr 202119:15	–	osv
Prion	Code injection	13 Apr 202119:15	–	prion
RedhatCVE	CVE-2021-21485	22 May 202521:31	–	redhatcve
Tenable Nessus	SAP NetWeaver AS Java and AS ABAP Multiple Vulnerabilities (Apr 2021)	15 Apr 202100:00	–	nessus

[
  {
    "product": "SAP NetWeaver AS for JAVA (Telnet Commands)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "ENGINEAPI 7.30, 7.31, 7.40, 7.50"
      },
      {
        "status": "affected",
        "version": "ESP_FRAMEWORK 7.10, 7.20, 7.30, 7.31, 7.40, 7.50"
      },
      {
        "status": "affected",
        "version": "SERVERCORE 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50"
      },
      {
        "status": "affected",
        "version": "J2EE-FRMW 7.10, 7.20, 7.30, 7.31, 7.40, 7.50"
      }
    ]
  }
]

Source	Link
launchpad	www.launchpad.support.sap.com/
wiki	www.wiki.scn.sap.com/wiki/pages/viewpage.action

13 Apr 2021 18:44Current

6.8Medium risk

Vulners AI Score6.8

CVSS 37.4

EPSS0.0094