SAP NetWeaver AS Java and AS ABAP Multiple Vulnerabilities (Apr 2021)


The version of SAP Netweaver Application Server for Java installed on the remote host may be affected by multiple vulnerabilities, including the following: - An unauthorized attacker may be able to entice an administrator to invoke telnet commands of an SAP NetWeaver Application Server for Java that allow the attacker to gain NTLM hashes of a privileged user. (CVE-2021-21485) - SAP NetWeaver AS JAVA (Customer Usage Provisioning Servlet), versions - 7.31, 7.40, 7.50, allows an attacker to read some statistical data like product version, traffic, timestamp etc. because of missing authorization check in the servlet. (CVE-2021-27598) - SAP NetWeaver AS Java (Applications based on HTMLB for Java) allows a basic-level authorized attacker to store a malicious file on the server. When a victim tries to open this file, it results in a cross-site scripting (XSS) vulnerability and the attacker can read and modify data. However, the attacker does not have control over kind or degree. (CVE-2021-27601) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.