What is CVE-2021-33690?

A critical Server-Side Request Forgery (SSRF) vulnerability in SAP NetWeaver Development Infrastructure could allow attackers to compromise sensitive data. Immediate remediation is necessary.

What is the severity of CVE-2021-33690?

CVE-2021-33690 has a severity rating of CRITICAL with a CVSS base score of 9.9.

CVE-2021-33690 | Critical Vulnerability in SAP NetWeaver Development Infrastructure

CVE-2021-33690 is a critical Server-Side Request Forgery (SSRF) vulnerability affecting SAP NetWeaver Development Infrastructure Component Build Service versions 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50. This vulnerability allows a threat actor who has access to the server to perform proxy attacks by sending crafted queries. As a result, attackers may compromise sensitive data residing on the server and potentially impact its availability.

The CVSS score for this vulnerability is 9.9, indicating a critical severity level. Organizations running these affected versions should be aware that the impact of this vulnerability significantly depends on whether the SAP NetWeaver Development Infrastructure (NWDI) operates within the intranet or internet, with the worst-case scenario being exposure on the internet.

Organizations should prioritize patching immediately to mitigate potential risks associated with this vulnerability. The presence of a known exploit further underscores the urgency of addressing this issue.

The urgency for defenders is emphasized by the high EPSS score of 0.93259, placing it in the 99.8th percentile of vulnerabilities likely to be exploited in the wild. This highlights the real-world risk posed by CVE-2021-33690.

To ensure security and compliance, organizations must implement the necessary patches and updates to protect their systems from potential exploitation.

Vulnerability Details

The vulnerability allows a threat actor to send crafted queries to the server, which can lead to proxy attacks. The CVSS score of 9.9 categorizes this vulnerability as critical, with potential impacts of high confidentiality, integrity, and availability loss. The affected components include SAP NetWeaver Development Infrastructure versions 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50. The vulnerability was published on September 15, 2021.

Technical Analysis

The root cause of this vulnerability lies in the server's handling of requests, which allows for the execution of unauthorized commands. The attack vector is network-based, requiring low attack complexity and low privileges. User interaction is not required, making it easier for attackers to exploit this vulnerability. The confidentiality, integrity, and availability impacts are all rated as high.

Risk & Impact Analysis

The risk to organizations includes potential data breaches, loss of sensitive information, and overall system unavailability. The blast radius is significant, especially for those systems exposed to the internet. Given the critical CVSS score and the high EPSS percentile, organizations must act swiftly to remediate this vulnerability and protect their assets.

Exploitation Status

Signal	Status
Known Exploit	Yes
Public PoC	Yes
Actively Exploited	No
Ransomware Use	No

Affected Versions

This vulnerability affects all versions of SAP NetWeaver Development Infrastructure prior to vendor patch, specifically versions 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50.

Mitigation & Remediation

Organizations should prioritize patching immediately. The recommended action is to update to the latest version of SAP NetWeaver Development Infrastructure. For those unable to apply patches, implementing network controls to limit access to the affected systems is essential. Additionally, organizations should consider configuration hardening and continuous security testing to identify similar weaknesses.

Detection Guidance

To detect potential exploitation of this vulnerability, organizations should monitor logs for unusual query patterns and behavioral anomalies. Network signatures that indicate unauthorized access attempts should be established. Additionally, any changes to system configurations should be tracked closely.

AppSecure Threat Intelligence Insight

The long-term significance of CVE-2021-33690 underscores the necessity for organizations to maintain robust security postures, especially concerning SSRF vulnerabilities. It reflects a pattern of increasing sophistication in attacks targeting web applications. Security teams must adopt a proactive approach, incorporating measures such as threat modeling and continuous assessment to mitigate risks associated with similar vulnerabilities.

Organizations can enhance their defenses by implementing a comprehensive vulnerability management program that prioritizes timely updates and security awareness.

Additionally, organizations should consider engaging in penetration testing to validate the effectiveness of their remediation efforts.

Finally, leveraging cloud security assessments can help identify potential attack surfaces in cloud environments.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2021-33690: Critical Vulnerability in SAP NetWeaver Development Infrastructure