Vulnerability Details CVE-2021-40495
There are multiple Denial-of Service vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755. An unauthorized attacker can use the public SICF service /sap/public/bc/abap to reduce the performance of SAP NetWeaver Application Server ABAP and ABAP Platform.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.3%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
Products affected by CVE-2021-40495
-
cpe:2.3:a:sap:netweaver_abap:740
-
cpe:2.3:a:sap:netweaver_abap:750
-
cpe:2.3:a:sap:netweaver_abap:751
-
cpe:2.3:a:sap:netweaver_abap:752
-
cpe:2.3:a:sap:netweaver_abap:753
-
cpe:2.3:a:sap:netweaver_abap:754
-
cpe:2.3:a:sap:netweaver_abap:755
-
cpe:2.3:a:sap:netweaver_application_server_abap:740
-
cpe:2.3:a:sap:netweaver_application_server_abap:750
-
cpe:2.3:a:sap:netweaver_application_server_abap:751
-
cpe:2.3:a:sap:netweaver_application_server_abap:752
-
cpe:2.3:a:sap:netweaver_application_server_abap:753
-
cpe:2.3:a:sap:netweaver_application_server_abap:754
-
cpe:2.3:a:sap:netweaver_application_server_abap:755