CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-27603

An RFC enabled function module SPI_WAIT_MILLIS in SAP NetWeaver AS ABAP, versions - 731, 740, 750, allows to keep a work process busy for any length of time. An attacker could call this function module multiple times to block all work processes thereby causing Denial of Service and affecting the Availability of the SAP system.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.3%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

https://launchpad.support.sap.com/#/notes/3028729
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649
https://launchpad.support.sap.com/#/notes/3028729
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649

Products affected by CVE-2021-27603

Sap » Netweaver Application Server Abap » Version: 731

cpe:2.3:a:sap:netweaver_application_server_abap:731
Sap » Netweaver Application Server Abap » Version: 740

cpe:2.3:a:sap:netweaver_application_server_abap:740
Sap » Netweaver Application Server Abap » Version: 750

cpe:2.3:a:sap:netweaver_application_server_abap:750

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-27603

Products

Pricing

Contact Us