Severity
High
Analysis Summary
CVE-2021-27598
SAP NetWeaver AS JAVA allows a remote attacker to obtain sensitive information. This happens due to improper access control. An attacker can exploit this vulnerability by sending a specially-crafted request to obtain some statistical data. The data can be used to launch further attacks against the affected systems.
CVE-2021-21492
SAP NetWeaver AS JAVA allows a remote attacker to employ spoofing attacks on the affected system caused by the improper validation of log-on group in URLs. An attacker can exploit this vulnerability by sending a specially-crafted request to perform spoofing attacks on the content on the system.
CVE-2021-21485
SAP NetWeaver AS for JAVA allows a remote attacker to obtain sensitive information. The attackers persuade the victims to input specially-crafted Telnet commands. This vulnerability can be exploited to obtain NTLM hashes of a privileged user. And the information can be used to launch further attacks against the affected systems.
CVE-2021-21483
The SAP solution manager allows a remote authenticated attacker to obtain sensitive information on victims caused by improper access control. An attacker can exploit this vulnerability by sending a specially-crafted request. And the information can be used to launch further attacks against the affected systems.
Impact
- Information disclosure
- Spoofing
Affected Vendors
SAP
Affected Products
- SAP NetWeaver AS for JAVA 7.31
- SAP NetWeaver AS for JAVA 7.40
- SAP NetWeaver AS for JAVA 7.50
- SAP NetWeaver AS for JAVA 7.10
- SAP NetWeaver AS for JAVA 7.11
- SAP NetWeaver AS for JAVA 7.20
- SAP Solution Manager 7.30
- SAP Solution Manager 7.20
Remediation
Current SAP users can access their SAP account to access information on the available patches at https://authn.hana.ondemand.com/saml2/sp/mds
And obtain information by referring to:
- note 3027937 for CVE-2021-27598
- note 3025637 for CVE-2021-21492
- note 3001824 for CVE-2021-21485
- note 3017823 for CVE-2021-21483