Vulnerability Details CVE-2021-27621
Information Disclosure vulnerability in UserAdmin application in SAP NetWeaver Application Server for Java, versions - 7.11,7.20,7.30,7.31,7.40 and 7.50 allows attackers to access restricted information by entering malicious server name.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.8%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.0
References
Products affected by CVE-2021-27621
-
cpe:2.3:a:sap:netweaver_application_server_for_java:7.11
-
cpe:2.3:a:sap:netweaver_application_server_for_java:7.20
-
cpe:2.3:a:sap:netweaver_application_server_for_java:7.30
-
cpe:2.3:a:sap:netweaver_application_server_for_java:7.31
-
cpe:2.3:a:sap:netweaver_application_server_for_java:7.40
-
cpe:2.3:a:sap:netweaver_application_server_for_java:7.50