VDB
CVE-2021-33663
CVE-2021-33663
PUBLISHED
CVSS 5.800000190734863 MEDIUM
SAP NetWeaver AS ABAP, versions - KRNL32NUC - 7.22,7.22EXT, KRNL32UC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83,7.84, allows an unauthorized attacker to insert cleartext commands due to improper restriction of I/O buffering into encrypted SMTP sessions over the network which can partially impact the integrity of the application.
EPSS 0.19% · 40.6th percentile
Risk Scores
CVSS 3.0
5.800000190734863
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
EPSS Score
0.19%
40.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SAP SE | SAP NetWeaver AS ABAP | < KRNL32NUC - 7.22, < 7.22EXT, < KRNL32UC - 7.22 |
| sap | netweaver_application_server_abap | kernel_7.49, kernel_7.53, kernel_7.73 |
Exploit Intelligence
Timeline
- Jun 8, 2021 CVE Published
- Jun 10, 2021 EPSS Score
- Aug 11, 2021 EPSS Score
- Oct 11, 2021 EPSS Score
- Dec 10, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 9, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 11, 2022 EPSS Score
- Jun 11, 2022 EPSS Score
- Aug 12, 2022 EPSS Score
- Oct 11, 2022 EPSS Score