EUVD-2021-20348

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

SAP NetWeaver Guided Procedures lack authorization checks, allowing privilege escalation and data abuse.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2021-33671	14 Jul 202114:12	–	circl
CNNVD	SAP NetWeaver 安全漏洞	13 Jul 202100:00	–	cnnvd
CVE	CVE-2021-33671	14 Jul 202111:03	–	cve
Cvelist	CVE-2021-33671	14 Jul 202111:03	–	cvelist
NCSC	Vulnerabilities fixed in SAP products	13 Jul 202100:00	–	ncsc
NVD	CVE-2021-33671	14 Jul 202112:15	–	nvd
Prion	Authorization	14 Jul 202112:15	–	prion
RedhatCVE	CVE-2021-33671	9 Jan 202608:52	–	redhatcve
Tenable Nessus	SAP NetWeaver AS Missing Authorization Check (3059446)	27 Jul 202100:00	–	nessus

[
  {
    "enisaIdVendor": [
      {
        "id": "b03bcee9-4e3e-3e65-a527-4fbfc4103927",
        "vendor": {
          "name": "SAP SE"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "2659349f-6cf2-367e-bb52-3d186a49d73f",
        "product": {
          "name": "SAP NetWeaver Guided Procedures (Administration Workset)"
        },
        "product_version": "< 7.31"
      },
      {
        "id": "2ef6ee87-7371-3538-af96-a2b388c2c677",
        "product": {
          "name": "SAP NetWeaver Guided Procedures (Administration Workset)"
        },
        "product_version": "< 7.10"
      },
      {
        "id": "5eda5bf6-a24a-30fd-8674-d45f3b869bf6",
        "product": {
          "name": "SAP NetWeaver Guided Procedures (Administration Workset)"
        },
        "product_version": "< 7.40"
      },
      {
        "id": "788755d5-5720-39db-a89d-be2c645f35a7",
        "product": {
          "name": "SAP NetWeaver Guided Procedures (Administration Workset)"
        },
        "product_version": "< 7.20"
      },
      {
        "id": "d7ea9b04-561d-36e4-8a10-7cb4da4689b4",
        "product": {
          "name": "SAP NetWeaver Guided Procedures (Administration Workset)"
        },
        "product_version": "< 7.50"
      },
      {
        "id": "e0710c36-786c-3eac-955b-6c17ec6e4749",
        "product": {
          "name": "SAP NetWeaver Guided Procedures (Administration Workset)"
        },
        "product_version": "< 7.30"
      }
    ]
  }
]

Source	Link
launchpad	www.launchpad.support.sap.com/
wiki	www.wiki.scn.sap.com/wiki/pages/viewpage.action
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

7.9High risk

Vulners AI Score7.9

CVSS 37.6

CVSS 26.5

CVSS 3.18.8

EPSS0.00222