{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T07:28:26.859","vulnerabilities":[{"cve":{"id":"CVE-2021-27610","sourceIdentifier":"cna@sap.com","published":"2021-06-16T15:15:08.363","lastModified":"2024-11-21T05:58:17.543","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SAP NetWeaver ABAP Server and ABAP Platform, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 804, does not create information about internal and external RFC user in consistent and distinguished format, which could lead to improper authentication and may be exploited by malicious users to obtain illegitimate access to the system."},{"lang":"es","value":"SAP NetWeaver ABAP Server y ABAP Platform, versiones - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 804, no crea información sobre el usuario RFC interno y externo en un formato consistente y distinguible, lo que podría conllevar a una autenticación inapropiada y podría ser explotado por usuarios maliciosos para obtener acceso ilegítimo al sistema"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV30":[{"source":"cna@sap.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":6.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:700:*:*:*:*:*:*:*","matchCriteriaId":"E0DA7CC6-A0F6-4839-965D-C60F691496AD"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:701:*:*:*:*:*:*:*","matchCriteriaId":"6497854E-9C7B-4DAF-ADC6-F26523BB7D47"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:702:*:*:*:*:*:*:*","matchCriteriaId":"FFC58754-3A9D-4320-AB4F-385FB72608E7"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:731:*:*:*:*:*:*:*","matchCriteriaId":"5B8A73A5-4526-40E1-A540-0A6C3F93DA05"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:740:*:*:*:*:*:*:*","matchCriteriaId":"09A38B6E-03DC-4086-A307-542B35814E0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:750:*:*:*:*:*:*:*","matchCriteriaId":"4651257F-7BFC-41AE-8E37-8C96F822CE58"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:751:*:*:*:*:*:*:*","matchCriteriaId":"EECB438D-D5CD-4483-934F-4C814A725A35"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:752:*:*:*:*:*:*:*","matchCriteriaId":"14A1CD95-14E1-438A-92FB-A0E47A88C59F"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:753:*:*:*:*:*:*:*","matchCriteriaId":"4148303B-133A-4FD2-B546-DD86C5D0E7C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:754:*:*:*:*:*:*:*","matchCriteriaId":"E51EF6BC-4C1C-4F1B-9873-D571BE3788F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:755:*:*:*:*:*:*:*","matchCriteriaId":"424A3D68-0825-4A2C-BEB1-DC9A212A5E42"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:804:*:*:*:*:*:*:*","matchCriteriaId":"5EFD3BCC-9B3E-49F2-B469-C465381303B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:700:*:*:*:*:*:*:*","matchCriteriaId":"C5A3C915-0E5F-4B1A-B1EB-5ADEA517F620"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:701:*:*:*:*:*:*:*","matchCriteriaId":"98B2522A-B850-4EC2-B2F2-5EBF36801B39"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:702:*:*:*:*:*:*:*","matchCriteriaId":"706FEB9E-3EE9-405E-A8C9-733DAF68AC6D"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:731:*:*:*:*:*:*:*","matchCriteriaId":"5CC29738-CF17-4E6B-9C9E-879B17F7E001"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:740:*:*:*:*:*:*:*","matchCriteriaId":"127E508F-6CC1-41C8-96DF-8D14FFDD4020"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:750:*:*:*:*:*:*:*","matchCriteriaId":"7777AA80-1608-420E-B7D5-09ABECD51728"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:751:*:*:*:*:*:*:*","matchCriteriaId":"0539618A-1C4D-463F-B2BB-DD1C239C23EB"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:752:*:*:*:*:*:*:*","matchCriteriaId":"62828DCD-F80E-4C7C-A988-EFEA06A5223E"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:753:*:*:*:*:*:*:*","matchCriteriaId":"D9F38585-73AE-4DBB-A978-F0272DF8FB58"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:754:*:*:*:*:*:*:*","matchCriteriaId":"D416C064-BB8A-4230-A761-84A93E017F79"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:755:*:*:*:*:*:*:*","matchCriteriaId":"6B8D3EA0-28E6-4333-8C67-B9D3775EB9BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:804:*:*:*:*:*:*:*","matchCriteriaId":"2132C1C0-AD61-4C85-BA07-523206815A4D"}]}]}],"references":[{"url":"https://launchpad.support.sap.com/#/notes/3007182","source":"cna@sap.com","tags":["Permissions Required","Vendor Advisory"]},{"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=578125999","source":"cna@sap.com","tags":["Vendor Advisory"]},{"url":"https://launchpad.support.sap.com/#/notes/3007182","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Vendor Advisory"]},{"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=578125999","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}