CVE-2021-33663
Description
SAP NetWeaver AS ABAP, versions - KRNL32NUC - 7.22,7.22EXT, KRNL32UC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83,7.84, allows an unauthorized attacker to insert cleartext commands due to improper restriction of I/O buffering into encrypted SMTP sessions over the network which can partially impact the integrity of the application.
Risk Information
Base Score
5.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS Score
Exploitation Probability
0.189
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP kernel_7.22 | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2021-33665 are affected in SAP NetWeaver Application Server ABAP kernel_7.49 | Windows |
| Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP kernel_7.53 | Windows |
| Vulnerabilities CVE-2021-33663 are affected in SAP NetWeaver Application Server ABAP kernel_7.73 | Windows |
| Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP kernel_7.77 | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2021-33665,CVE-2023-35874 are affected in SAP NetWeaver Application Server ABAP kernel_7.81 | Windows |
| Vulnerabilities CVE-2021-33663 are affected in SAP NetWeaver Application Server ABAP kernel_7.82 | Windows |
| Vulnerabilities CVE-2021-33663 are affected in SAP NetWeaver Application Server ABAP kernel_7.83 | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2021-33665 are affected in SAP NetWeaver Application Server ABAP kernel_7.84 | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2021-33684,CVE-2023-40308,CVE-2023-40309 are affected in SAP NetWeaver Application Server ABAP kernel_8.04 | Windows |
| Vulnerabilities CVE-2021-33663 are affected in SAP NetWeaver Application Server ABAP krnl32nuc_7.22 | Windows |
| Vulnerabilities CVE-2021-33663 are affected in SAP NetWeaver Application Server ABAP krnl32nuc_7.22ext | Windows |
| Vulnerabilities CVE-2021-33663 are affected in SAP NetWeaver Application Server ABAP krnl32uc_7.22 | Windows |
| Vulnerabilities CVE-2021-33663 are affected in SAP NetWeaver Application Server ABAP krnl32uc_7.22ext | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2022-22536,CVE-2022-35294,CVE-2023-35874 are affected in SAP NetWeaver Application Server ABAP krnl64nuc_7.22 | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2022-22536,CVE-2023-35874 are affected in SAP NetWeaver Application Server ABAP krnl64nuc_7.22ext | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2021-33665,CVE-2022-22536 are affected in SAP NetWeaver Application Server ABAP krnl64nuc_7.49 | Windows |
| Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP krnl64uc_7.22 | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2022-22536,CVE-2023-35874 are affected in SAP NetWeaver Application Server ABAP krnl64uc_7.22ext | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2021-33665,CVE-2022-22536 are affected in SAP NetWeaver Application Server ABAP krnl64uc_7.49 | Windows |
| Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP krnl64uc_7.53 | Windows |
| Vulnerabilities CVE-2021-33663 are affected in SAP NetWeaver Application Server ABAP krnl64uc_7.73 | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2021-33684,CVE-2022-22536 are affected in SAP NetWeaver Application Server ABAP krnl64uc_8.04 | Windows |
| Multiple Vulnerabilities are affected in SAP NetWeaver and ABAP platform (ST-PI) kernel_7.22 | Windows |
| Multiple Vulnerabilities are affected in SAP NetWeaver and ABAP platform (ST-PI) kernel_7.53 | Windows |
| Multiple Vulnerabilities are affected in SAP NetWeaver and ABAP platform (ST-PI) kernel_7.77 | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2021-33665 are affected in SAP NetWeaver and ABAP platform (ST-PI) kernel_7.49 | Windows |
| Vulnerabilities CVE-2021-33663 are affected in SAP NetWeaver and ABAP platform (ST-PI) kernel_7.73 | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2023-35874 are affected in SAP NetWeaver and ABAP platform (ST-PI) kernel_7.81 | Windows |
| Vulnerabilities CVE-2021-33663 are affected in SAP NetWeaver and ABAP platform (ST-PI) kernel_7.82 | Windows |
| Vulnerabilities CVE-2021-33663 are affected in SAP NetWeaver and ABAP platform (ST-PI) kernel_7.83 | Windows |
| Vulnerabilities CVE-2021-33663 are affected in SAP NetWeaver and ABAP platform (ST-PI) kernel_7.84 | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2021-33684,CVE-2023-40308,CVE-2023-40309 are affected in SAP NetWeaver and ABAP platform (ST-PI) kernel_8.04 | Windows |
| Vulnerabilities CVE-2021-33663 are affected in SAP NetWeaver and ABAP platform (ST-PI) krnl32nuc_7.22 | Windows |
| Vulnerabilities CVE-2021-33663 are affected in SAP NetWeaver and ABAP platform (ST-PI) krnl32nuc_7.22ext | Windows |
| Vulnerabilities CVE-2021-33663 are affected in SAP NetWeaver and ABAP platform (ST-PI) krnl32uc_7.22 | Windows |
| Vulnerabilities CVE-2021-33663 are affected in SAP NetWeaver and ABAP platform (ST-PI) krnl32uc_7.22ext | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2022-22536,CVE-2022-35294,CVE-2023-35874 are affected in SAP NetWeaver and ABAP platform (ST-PI) krnl64nuc_7.22 | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2022-22536,CVE-2023-35874 are affected in SAP NetWeaver and ABAP platform (ST-PI) krnl64nuc_7.22ext | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2022-22536 are affected in SAP NetWeaver and ABAP platform (ST-PI) krnl64nuc_7.49 | Windows |
| Multiple Vulnerabilities are affected in SAP NetWeaver and ABAP platform (ST-PI) krnl64uc_7.22 | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2022-22536,CVE-2023-35874 are affected in SAP NetWeaver and ABAP platform (ST-PI) krnl64uc_7.22ext | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2022-22536 are affected in SAP NetWeaver and ABAP platform (ST-PI) krnl64uc_7.49 | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2022-22536,CVE-2023-35874,CVE-2024-24740 are affected in SAP NetWeaver and ABAP platform (ST-PI) krnl64uc_7.53 | Windows |
| Vulnerabilities CVE-2021-33663 are affected in SAP NetWeaver and ABAP platform (ST-PI) krnl64uc_7.73 | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2021-33684,CVE-2022-22536 are affected in SAP NetWeaver and ABAP platform (ST-PI) krnl64uc_8.04 | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234