Lucene search
SapCVELIST:CVE-2021-21491HistoryMar 10, 2021 - 2:11 p.m.
CVE-2021-21491
2021-03-1014:11:46
sap
www.cve.org
3
sap
netweaver
application server
java
webdynpro
redirect
malicious site
reverse tabnabbing
CVSS3
4.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
AI Score
6.4
Confidence
High
EPSS
0.001
Percentile
36.1%
SAP Netweaver Application Server Java (Applications based on WebDynpro Java) versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.
CNA Affected
[
{
"product": "SAP NetWeaver Application Server Java (Applications based on Web Dynpro Java)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 7.00"
},
{
"status": "affected",
"version": "< 7.10"
},
{
"status": "affected",
"version": "< 7.11"
},
{
"status": "affected",
"version": "< 7.20"
},
{
"status": "affected",
"version": "< 7.30"
},
{
"status": "affected",
"version": "< 731"
},
{
"status": "affected",
"version": "< 7.40"
},
{
"status": "affected",
"version": "< 7.50"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2021-03-10 15:15:00
nvd
nvd
CVE-2021-21491
2021-03-10 15:15:12
nessus
nessus
SAP NetWeaver AS JAVA Reverse Tabnabbing (2976947)
2021-03-23 00:00:00
cve
cve
CVE-2021-21491
2021-03-10 15:15:12
CVSS3
4.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
AI Score
6.4
Confidence
High
EPSS
0.001
Percentile
36.1%
Related for CVELIST:CVE-2021-21491