CVE-2021-33684
Description
SAP NetWeaver AS ABAP and ABAP Platform, versions - KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 8.04, 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 8.04, 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, 7.77, 7.81, 7.84, allows an attacker to send overlong content in the RFC request type thereby crashing the corresponding work process because of memory corruption vulnerability. The work process will attempt to restart itself after the crash and hence the impact on the availability is low.
Risk Information
Base Score
5.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS Score
Exploitation Probability
0.182
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP 7.53 | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2021-33684,CVE-2023-40308,CVE-2023-40309 are affected in SAP NetWeaver Application Server ABAP kernel_8.04 | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2021-33684,CVE-2022-22536 are affected in SAP NetWeaver Application Server ABAP krnl64uc_8.04 | Windows |
| Vulnerabilities CVE-2021-33684 are affected in SAP NetWeaver Application Server ABAP 7.21 | Windows |
| Vulnerabilities CVE-2021-33684 are affected in SAP NetWeaver Application Server ABAP 7.21ext | Windows |
| Vulnerabilities CVE-2021-33684,CVE-2022-22536,CVE-2023-0014,CVE-2023-27499 are affected in SAP NetWeaver Application Server ABAP 7.22 | Windows |
| Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP 7.22ext | Windows |
| Vulnerabilities CVE-2021-33684,CVE-2022-22536,CVE-2022-35294 are affected in SAP NetWeaver Application Server ABAP 7.49 | Windows |
| Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP 7.77 | Windows |
| Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP 7.81 | Windows |
| Vulnerabilities CVE-2021-33684 are affected in SAP NetWeaver Application Server ABAP krnl32nuc_7.21 | Windows |
| Vulnerabilities CVE-2021-33684 are affected in SAP NetWeaver Application Server ABAP krnl32uc_7.21 | Windows |
| Vulnerabilities CVE-2021-33684 are affected in SAP NetWeaver Application Server ABAP krnl64nuc_7.21 | Windows |
| Vulnerabilities CVE-2021-33684 are affected in SAP NetWeaver and ABAP platform (ST-PI) 7.21 | Windows |
| Vulnerabilities CVE-2021-33684 are affected in SAP NetWeaver and ABAP platform (ST-PI) 7.21ext | Windows |
| Vulnerabilities CVE-2021-33684,CVE-2022-22536,CVE-2023-27499 are affected in SAP NetWeaver and ABAP platform (ST-PI) 7.22 | Windows |
| Vulnerabilities CVE-2021-33684,CVE-2022-35294,CVE-2023-40308,CVE-2023-40309 are affected in SAP NetWeaver and ABAP platform (ST-PI) 7.22ext | Windows |
| Vulnerabilities CVE-2021-33684,CVE-2022-22536,CVE-2022-35294 are affected in SAP NetWeaver and ABAP platform (ST-PI) 7.49 | Windows |
| Vulnerabilities CVE-2021-33684,CVE-2022-22536,CVE-2022-35294,CVE-2023-27499 are affected in SAP NetWeaver and ABAP platform (ST-PI) 7.53 | Windows |
| Vulnerabilities CVE-2021-33684,CVE-2022-22536,CVE-2022-35294,CVE-2023-27499 are affected in SAP NetWeaver and ABAP platform (ST-PI) 7.77 | Windows |
| Vulnerabilities CVE-2021-33684,CVE-2022-22536,CVE-2022-35294,CVE-2023-27499 are affected in SAP NetWeaver and ABAP platform (ST-PI) 7.81 | Windows |
| Vulnerabilities CVE-2021-33684,CVE-2023-40308,CVE-2023-40309 are affected in SAP NetWeaver and ABAP platform (ST-PI) kernel_8.04 | Windows |
| Vulnerabilities CVE-2021-33684 are affected in SAP NetWeaver and ABAP platform (ST-PI) krnl32nuc_7.21 | Windows |
| Vulnerabilities CVE-2021-33684 are affected in SAP NetWeaver and ABAP platform (ST-PI) krnl32uc_7.21 | Windows |
| Vulnerabilities CVE-2021-33684 are affected in SAP NetWeaver and ABAP platform (ST-PI) krnl64nuc_7.21 | Windows |
| Vulnerabilities CVE-2021-33684,CVE-2022-22536 are affected in SAP NetWeaver and ABAP platform (ST-PI) krnl64uc_8.04 | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2021-33684,CVE-2023-40308,CVE-2023-40309 are affected in SAP NetWeaver and ABAP platform (ST-PI) kernel_8.04 | Windows |
| Vulnerabilities CVE-2021-33663,CVE-2021-33684,CVE-2022-22536 are affected in SAP NetWeaver and ABAP platform (ST-PI) krnl64uc_8.04 | Windows |
| Multiple Vulnerabilities are affected in SAP NetWeaver and ABAP platform (ST-PI) 7.81 | Windows |
| Vulnerabilities CVE-2021-33684,CVE-2022-22536,CVE-2023-0014,CVE-2023-27499 are affected in SAP NetWeaver and ABAP platform (ST-PI) 7.22 | Windows |
| Multiple Vulnerabilities are affected in SAP NetWeaver and ABAP platform (ST-PI) 7.22ext | Windows |
| Multiple Vulnerabilities are affected in SAP NetWeaver and ABAP platform (ST-PI) 7.53 | Windows |
| Multiple Vulnerabilities are affected in SAP NetWeaver and ABAP platform (ST-PI) 7.77 | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234