Telnet Command Exploit in SAP NetWeaver Application Server for Java Allows Unauthorized Access to NTLM Hashes

Telnet Command Exploit in SAP NetWeaver Application Server for Java Allows Unauthorized Access to NTLM Hashes

CVE-2021-21485 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

An unauthorized attacker may be able to entice an administrator to invoke telnet commands of an SAP NetWeaver Application Server for Java that allow the attacker to gain NTLM hashes of a privileged user.

Learn more about our Cis Benchmark Audit For Server Software.