### [CVE-2021-40495](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40495)
![](https://img.shields.io/static/v1?label=Product&message=SAP%20NetWeaver%20AS%20ABAP%20and%20ABAP%20Platform&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3C%20740%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3C%20750%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3C%20751%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3C%20752%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3C%20753%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3C%20754%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3C%20755%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brightgreen)

### Description

There are multiple Denial-of Service vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755. An unauthorized attacker can use the public SICF service /sap/public/bc/abap to reduce the performance of SAP NetWeaver Application Server ABAP and ABAP Platform.

### POC

#### Reference
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983

#### Github
No PoCs found on GitHub currently.