CVE-2021-21476

🗓️ 09 Feb 2021 20:44:32Reported by sapType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 39 Views

SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 allows unauthenticated attacker to redirect users to malicious site due to Reverse Tabnabbing vulnerabilities

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2021-21476	10 Feb 202100:40	–	circl
CNNVD	SAP UI5 输入验证错误漏洞	9 Feb 202100:00	–	cnnvd
CNVD	SAP UI5 Open Redirect Vulnerability	26 Feb 202100:00	–	cnvd
Cvelist	CVE-2021-21476	9 Feb 202120:44	–	cvelist
EUVD	EUVD-2021-8750	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in SAP products	9 Feb 202100:00	–	ncsc
NVD	CVE-2021-21476	9 Feb 202121:15	–	nvd
Prion	Design/Logic Flaw	9 Feb 202121:15	–	prion
RedhatCVE	CVE-2021-21476	22 May 202518:18	–	redhatcve

NVD

Vulners

Node

sap ui5Range<1.38.49

sap ui5Range1.50.5–1.52.49

sap ui5Range1.60.1–1.60.34

sap ui5Range1.71.0–1.71.31

sap ui5Range1.78.0–1.78.18

sap ui5Range1.84.0–1.84.5

sap ui5Range1.85.0–1.85.4

sap ui5Range1.86.0–1.86.1

[
  {
    "product": "SAP UI5",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 1.38.49"
      },
      {
        "status": "affected",
        "version": "< 1.52.49"
      },
      {
        "status": "affected",
        "version": "< 1.60.34"
      },
      {
        "status": "affected",
        "version": "< 1.71.31"
      },
      {
        "status": "affected",
        "version": "< 1.78.18"
      },
      {
        "status": "affected",
        "version": "< 1.84.5"
      },
      {
        "status": "affected",
        "version": "< 1.85.4"
      },
      {
        "status": "affected",
        "version": "< 1.86.1"
      }
    ]
  }
]

Source	Link
launchpad	www.launchpad.support.sap.com/
wiki	www.wiki.scn.sap.com/wiki/pages/viewpage.action

21 Nov 2024 05:48Current

6.3Medium risk

Vulners AI Score6.3

CVSS 25.8

CVSS 3.16.1

CVSS 34.7

EPSS0.00324

CWE-601