Vulnerabilities related to SAP SE - SAP NetWeaver AS for JAVA (Telnet Commands)
cve-2021-21485
Vulnerability from cvelistv5
Published
2021-04-13 18:44
Modified
2024-08-03 18:16
Summary
An unauthorized attacker may be able to entice an administrator to invoke telnet commands of an SAP NetWeaver Application Server for Java that allow the attacker to gain NTLM hashes of a privileged user.
Impacted products
Vendor Product Version
SAP SE SAP NetWeaver AS for JAVA (Telnet Commands) Version: ENGINEAPI 7.30, 7.31, 7.40, 7.50
Version: ESP_FRAMEWORK 7.10, 7.20, 7.30, 7.31, 7.40, 7.50
Version: SERVERCORE 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50
Version: J2EE-FRMW 7.10, 7.20, 7.30, 7.31, 7.40, 7.50


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T18:16:22.530Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://launchpad.support.sap.com/#/notes/3001824",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "SAP NetWeaver AS for JAVA (Telnet Commands)",
               vendor: "SAP SE",
               versions: [
                  {
                     status: "affected",
                     version: "ENGINEAPI 7.30, 7.31, 7.40, 7.50",
                  },
                  {
                     status: "affected",
                     version: "ESP_FRAMEWORK 7.10, 7.20, 7.30, 7.31, 7.40, 7.50",
                  },
                  {
                     status: "affected",
                     version: "SERVERCORE 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50",
                  },
                  {
                     status: "affected",
                     version: "J2EE-FRMW 7.10, 7.20, 7.30, 7.31, 7.40, 7.50",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An unauthorized attacker may be able to entice an administrator to invoke telnet commands of an SAP NetWeaver Application Server for Java that allow the attacker to gain NTLM hashes of a privileged user.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 7.4,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Information Disclosure",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-04-13T18:44:47",
            orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd",
            shortName: "sap",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://launchpad.support.sap.com/#/notes/3001824",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cna@sap.com",
               ID: "CVE-2021-21485",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "SAP NetWeaver AS for JAVA (Telnet Commands)",
                                 version: {
                                    version_data: [
                                       {
                                          version_name: "ENGINEAPI",
                                          version_value: "7.30, 7.31, 7.40, 7.50",
                                       },
                                       {
                                          version_name: "ESP_FRAMEWORK",
                                          version_value: "7.10, 7.20, 7.30, 7.31, 7.40, 7.50",
                                       },
                                       {
                                          version_name: "SERVERCORE",
                                          version_value: "7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50",
                                       },
                                       {
                                          version_name: "J2EE-FRMW",
                                          version_value: "7.10, 7.20, 7.30, 7.31, 7.40, 7.50",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "SAP SE",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An unauthorized attacker may be able to entice an administrator to invoke telnet commands of an SAP NetWeaver Application Server for Java that allow the attacker to gain NTLM hashes of a privileged user.",
                  },
               ],
            },
            impact: {
               cvss: {
                  baseScore: "7.4",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Information Disclosure",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649",
                     refsource: "MISC",
                     url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649",
                  },
                  {
                     name: "https://launchpad.support.sap.com/#/notes/3001824",
                     refsource: "MISC",
                     url: "https://launchpad.support.sap.com/#/notes/3001824",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd",
      assignerShortName: "sap",
      cveId: "CVE-2021-21485",
      datePublished: "2021-04-13T18:44:47",
      dateReserved: "2020-12-30T00:00:00",
      dateUpdated: "2024-08-03T18:16:22.530Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}