SAP NW DI SSRF vulnerability (CVE-2021-33690)

Description

SAP NetWeaver Development Infrastructure is vulnerable to an SSRF vulnerability. An attacker could exploit this vulnerability to compromise the server.

Remediation

Upgrade to the latest version of SAP DI

References

CVE-2021-33690 Detail

[CVE-2021-33690] Server Side Request Forgery vulnerability in SAP NetWeaver Development Infrastructure

Related Vulnerabilities

WordPress Plugin GiveWP-Donation and Fundraising Platform Multiple Vulnerabilities (2.25.1)

WordPress Plugin Print My Blog-Print, PDF, & eBook Converter Server-Side Request Forgery (1.6.5)

Apache Solr SSRF CVE-2017-3164

Sonicwall SMA 100 Unintended proxy (CVE-2021-20042)

XML external entity injection via File Upload

Severity

High

Classification

CVE-2021-33690 CWE-918 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Description

Remediation

References

Related Vulnerabilities

Severity

Classification

Tags

Take action and discover your vulnerabilities