Vulnerability Details CVE-2021-38178
The software logistics system of SAP NetWeaver AS ABAP and ABAP Platform versions - 700, 701, 702, 710, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, enables a malicious user to transfer ABAP code artifacts or content, by-passing the established quality gates. By this vulnerability malicious code can reach quality and production, and can compromise the confidentiality, integrity, and availability of the system and its data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.7%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
Products affected by CVE-2021-38178
-
cpe:2.3:a:sap:netweaver_abap:700
-
cpe:2.3:a:sap:netweaver_abap:701
-
cpe:2.3:a:sap:netweaver_abap:702
-
cpe:2.3:a:sap:netweaver_abap:710
-
cpe:2.3:a:sap:netweaver_abap:730
-
cpe:2.3:a:sap:netweaver_abap:731
-
cpe:2.3:a:sap:netweaver_abap:740
-
cpe:2.3:a:sap:netweaver_abap:750
-
cpe:2.3:a:sap:netweaver_abap:751
-
cpe:2.3:a:sap:netweaver_abap:752
-
cpe:2.3:a:sap:netweaver_abap:753
-
cpe:2.3:a:sap:netweaver_abap:754
-
cpe:2.3:a:sap:netweaver_abap:755
-
cpe:2.3:a:sap:netweaver_abap:756
-
cpe:2.3:a:sap:netweaver_application_server_abap:700
-
cpe:2.3:a:sap:netweaver_application_server_abap:701
-
cpe:2.3:a:sap:netweaver_application_server_abap:702
-
cpe:2.3:a:sap:netweaver_application_server_abap:710
-
cpe:2.3:a:sap:netweaver_application_server_abap:730
-
cpe:2.3:a:sap:netweaver_application_server_abap:731
-
cpe:2.3:a:sap:netweaver_application_server_abap:740
-
cpe:2.3:a:sap:netweaver_application_server_abap:750
-
cpe:2.3:a:sap:netweaver_application_server_abap:751
-
cpe:2.3:a:sap:netweaver_application_server_abap:752
-
cpe:2.3:a:sap:netweaver_application_server_abap:753
-
cpe:2.3:a:sap:netweaver_application_server_abap:754
-
cpe:2.3:a:sap:netweaver_application_server_abap:755
-
cpe:2.3:a:sap:netweaver_application_server_abap:756