EUVD-2021-20347

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Denial of service vulnerability in SAP NetWeaver AS for Java allows HTTP filter crash via requests.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2021-33670	14 Jul 202114:12	–	circl
CNNVD	SAP NetWeaver AS 安全漏洞	13 Jul 202100:00	–	cnnvd
CNVD	SAP NetWeaver AS for Java Denial of Service Vulnerability	15 Jul 202100:00	–	cnvd
CVE	CVE-2021-33670	14 Jul 202111:04	–	cve
Cvelist	CVE-2021-33670	14 Jul 202111:04	–	cvelist
NCSC	Vulnerabilities fixed in SAP products	13 Jul 202100:00	–	ncsc
NVD	CVE-2021-33670	14 Jul 202112:15	–	nvd
OSV	CVE-2021-33670	14 Jul 202112:15	–	osv
Prion	Denial of service	14 Jul 202112:15	–	prion
RedhatCVE	CVE-2021-33670	5 May 202207:38	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "a7c3f885-7b7b-3663-90dd-2e023d1c8282",
        "vendor": {
          "name": "SAP SE"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "39b47baf-2841-3f7b-8e15-e536314ea517",
        "product": {
          "name": "SAP NetWeaver AS for JAVA (HTTP Service)"
        },
        "product_version": "< 7.11"
      },
      {
        "id": "4a8a942f-2ed7-3f83-95e8-0017f6bb54f6",
        "product": {
          "name": "SAP NetWeaver AS for JAVA (HTTP Service)"
        },
        "product_version": "< 7.40"
      },
      {
        "id": "5122c56a-a482-3ab6-8dd3-fbce2f20fe0a",
        "product": {
          "name": "SAP NetWeaver AS for JAVA (HTTP Service)"
        },
        "product_version": "< 7.20"
      },
      {
        "id": "5a77c273-14ad-3c43-bf4e-2d81d77b3922",
        "product": {
          "name": "SAP NetWeaver AS for JAVA (HTTP Service)"
        },
        "product_version": "< 7.50"
      },
      {
        "id": "60d14256-9a43-362c-87a2-d7aa21ff3b8d",
        "product": {
          "name": "SAP NetWeaver AS for JAVA (HTTP Service)"
        },
        "product_version": "< 7.30"
      },
      {
        "id": "c1d0594f-b17a-3406-beec-4aef7081d695",
        "product": {
          "name": "SAP NetWeaver AS for JAVA (HTTP Service)"
        },
        "product_version": "< 7.10"
      },
      {
        "id": "d9bd9c05-04c4-3d3d-be48-fc510b2ad4a6",
        "product": {
          "name": "SAP NetWeaver AS for JAVA (HTTP Service)"
        },
        "product_version": "< 7.31"
      }
    ]
  }
]

Source	Link
wiki	www.wiki.scn.sap.com/wiki/pages/viewpage.action
launchpad	www.launchpad.support.sap.com/
seclists	www.seclists.org/fulldisclosure/2022/May/4
packetstormsecurity	www.packetstormsecurity.com/files/166965/SAP-NetWeaver-Java-Denial-Of-Service.html
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

7.8High risk

Vulners AI Score7.8

CVSS 37.5

CVSS 25

CVSS 3.17.5

EPSS0.05562