CVE-2021-27604

Опубликовано: 14 апр. 2021

Источник: nvd

CVSS3: 7.7

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

In order to prevent XML External Entity vulnerability in SAP NetWeaver ABAP Server and ABAP Platform (Process Integration - Enterprise Service Repository JAVA Mappings), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50, SAP recommends to refer this note.

Ссылки

https://launchpad.support.sap.com/#/notes/3036436
Permissions Required
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649
Vendor Advisory
https://launchpad.support.sap.com/#/notes/3036436
Permissions Required
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sap:netweaver_process_integration:7.10:*:*:*:*:*:*:*

cpe:2.3:a:sap:netweaver_process_integration:7.20:*:*:*:*:*:*:*

cpe:2.3:a:sap:netweaver_process_integration:7.30:*:*:*:*:*:*:*

cpe:2.3:a:sap:netweaver_process_integration:7.31:*:*:*:*:*:*:*

cpe:2.3:a:sap:netweaver_process_integration:7.40:*:*:*:*:*:*:*

cpe:2.3:a:sap:netweaver_process_integration:7.50:*:*:*:*:*:*:*

EPSS

Процентиль: 56%

0.00343

Низкий

7.7 High

CVSS3

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-611

Связанные уязвимости

GHSA-98g3-884p-c9q5

github

больше 3 лет назад

EPSS

Процентиль: 56%

0.00343

Низкий

7.7 High

CVSS3

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-611