SAP NetWeaver AS for Java Denial of Service Vulnerability

SAP NetWeaver AS for Java Denial of Service Vulnerability

CVE-2021-33670 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SAP NetWeaver AS for Java (Http Service Monitoring Filter), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send multiple HTTP requests with different method types thereby crashing the filter and making the HTTP server unavailable to other legitimate users leading to denial of service vulnerability.

Learn more about our Cis Benchmark Audit For Server Software.