Lucene search
SapCVELIST:CVE-2021-21468HistoryJan 12, 2021 - 2:40 p.m.
CVE-2021-21468
2021-01-1214:40:53
sap
www.cve.org
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0.007 Low
EPSS
Percentile
80.3%
The BW Database Interface does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges that allows the user to practically read out any database table.
CNA Affected
[
{
"product": "SAP Business Warehouse",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 710"
},
{
"status": "affected",
"version": "< 711"
},
{
"status": "affected",
"version": "< 730"
},
{
"status": "affected",
"version": "< 731"
},
{
"status": "affected",
"version": "< 740"
},
{
"status": "affected",
"version": "< 750"
},
{
"status": "affected",
"version": "< 751"
},
{
"status": "affected",
"version": "< 752"
},
{
"status": "affected",
"version": "< 753"
},
{
"status": "affected",
"version": "< 754"
},
{
"status": "affected",
"version": "< 755"
},
{
"status": "affected",
"version": "< 782"
}
]
}
]Related
cve
cve
CVE-2021-21468
2021-01-12 15:15:16
prion
prion
Authorization
2021-01-12 15:15:00
nvd
nvd
CVE-2021-21468
2021-01-12 15:15:16
packetstorm
packetstorm
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0.007 Low
EPSS
Percentile
80.3%
Related for CVELIST:CVE-2021-21468