Sensitive Information Exposure in SAP NetWeaver AS JAVA Enterprise Portal
CVE-2021-33687
4.5MEDIUM
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 14 July 2021
What is CVE-2021-33687?
SAP NetWeaver AS JAVA (Enterprise Portal) versions 7.10 through 7.50 may inadvertently expose sensitive information through certain HTTP requests. Attackers can exploit this vulnerability alongside methods such as cross-site scripting (XSS) to gain unauthorized access to confidential data, posing significant risks to the security of affected systems. Security measures should be implemented to mitigate these risks and protect sensitive information.
Affected Version(s)
SAP NetWeaver AS JAVA (Enterprise Portal) < 7.10 < 7.10
SAP NetWeaver AS JAVA (Enterprise Portal) < 7.20 < 7.20
SAP NetWeaver AS JAVA (Enterprise Portal) < 7.30 < 7.30