Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistSapCVELIST:CVE-2021-40501
HistoryNov 10, 2021 - 3:22 p.m.

CVE-2021-40501

2021-11-1015:22:15
CWE-862
sap
www.cve.org
7
sap
abap
platform kernel
authorization
vulnerability
privileges
escalation

AI Score

8.3

Confidence

High

EPSS

0.001

Percentile

28.4%

JSON

SAP ABAP Platform Kernel - versions 7.77, 7.81, 7.85, 7.86, does not perform necessary authorization checks for an authenticated business user, resulting in escalation of privileges. That means this business user is able to read and modify data beyond the vulnerable system. However, the attacker can neither significantly reduce the performance of the system nor stop the system.

CNA Affected

[
  {
    "product": "SAP ABAP Platform Kernel",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 7.77"
      },
      {
        "status": "affected",
        "version": "< 7.81"
      },
      {
        "status": "affected",
        "version": "< 7.85"
      },
      {
        "status": "affected",
        "version": "< 7.86"
      }
    ]
  }
]

Related

prion 1
nvd 1
cve 1
malwarebytes 1
prion
prion
Authorization
2021-11-10 16:15:00
nvd
nvd
CVE-2021-40501
2021-11-10 16:15:08
cve
cve
CVE-2021-40501
2021-11-10 16:15:08
malwarebytes
malwarebytes
[updated] Patch now! Microsoft plugs actively exploited zero-days and other updates
2021-11-10 14:30:23

AI Score

8.3

Confidence

High

EPSS

0.001

Percentile

28.4%

JSON
Related for CVELIST:CVE-2021-40501
prion1nvd1cve1malwarebytes1