Lucene search

SapCVELIST:CVE-2021-33699

HistoryAug 10, 2021 - 2:07 p.m.

CVE-2021-33699

2021-08-1014:07:53

sap

www.cve.org

7.6 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.2%

JSON

Task Hijacking is a vulnerability that affects the applications running on Android devices due to a misconfiguration in their AndroidManifest.xml with their Task Control features. This allows an unauthorized attacker or malware to takeover legitimate apps and to steal user’s sensitive information.

CNA Affected

[
  {
    "product": "SAP Fiori Client Native Mobile for Android",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 3.2"
      }
    ]
  }
]

References

launchpad.support.sap.com/#/notes/3067219

wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806

7.6 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.2%

JSON

Related for CVELIST:CVE-2021-33699