发布日期：2021-07-13
更新日期：2021-08-11

受影响系统：

SAP NetWeaver AS ABAP 75F
SAP NetWeaver AS ABAP 75E
SAP NetWeaver AS ABAP 75D
SAP NetWeaver AS ABAP 75C
SAP NetWeaver AS ABAP 75B
SAP NetWeaver AS ABAP 75A
SAP NetWeaver AS ABAP 752
SAP NetWeaver AS ABAP 751
SAP NetWeaver AS ABAP 750
SAP NetWeaver AS ABAP 740
SAP NetWeaver AS ABAP 731
SAP NetWeaver AS ABAP 730
SAP NetWeaver AS ABAP 711
SAP NetWeaver AS ABAP 710
SAP NetWeaver AS ABAP 702
SAP NetWeaver AS ABAP 701
SAP NetWeaver AS ABAP 700

描述：

---

CVE(CAN) ID: CVE-2021-33678

SAP Netweaver是德国思爱普（SAP）公司的一套面向服务的集成化应用平台。该平台主要为SAP应用程序提供开发和运行环境。
SAP NetWeaver AS ABAP (Reconciliation Framework)存在代码注入漏洞。攻击者可利用该漏洞注入代码及删除一些关键信息，并使SAP系统完全不可用。

<**>

建议：

---

厂商补丁：

SAP
---
目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506

浏览次数：959
严重程度：0（网友投票）