EUVD-2021-8718

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

SAP Business Objects BI Platform allows multiple X-Frame-Options headers, risking Clickjacking attacks

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2021-21444	10 Feb 202100:40	–	circl
CNNVD	SAP Business Objects BI Platform 安全漏洞	9 Feb 202100:00	–	cnnvd
CNVD	SAP Business Objects Business Intelligence Cross-Site Scripting Execution Vulnerability	26 Feb 202100:00	–	cnvd
CVE	CVE-2021-21444	9 Feb 202120:44	–	cve
Cvelist	CVE-2021-21444	9 Feb 202120:44	–	cvelist
NCSC	Vulnerabilities fixed in SAP products	9 Feb 202100:00	–	ncsc
NVD	CVE-2021-21444	9 Feb 202121:15	–	nvd
OSV	CVE-2021-21444	9 Feb 202121:15	–	osv
Prion	Design/Logic Flaw	9 Feb 202121:15	–	prion
RedhatCVE	CVE-2021-21444	22 May 202518:19	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "79d4b9ac-ecdb-3c83-9f72-f2b12c4e698e",
        "vendor": {
          "name": "SAP SE"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "697c2b01-9937-39d9-8bdb-b8ecab444a3b",
        "product": {
          "name": "SAP Business Objects Business Intelligence Platform (CMC and BI launchpad)"
        },
        "product_version": "< 410"
      },
      {
        "id": "8f0777cd-3136-3f31-8deb-325b3bc587c9",
        "product": {
          "name": "SAP Business Objects Business Intelligence Platform (CMC and BI launchpad)"
        },
        "product_version": "< 420"
      },
      {
        "id": "ad92dda5-3f90-3915-8077-b382cb23a56b",
        "product": {
          "name": "SAP Business Objects Business Intelligence Platform (CMC and BI launchpad)"
        },
        "product_version": "< 430"
      }
    ]
  }
]

Source	Link
wiki	www.wiki.scn.sap.com/wiki/pages/viewpage.action
launchpad	www.launchpad.support.sap.com/

03 Oct 2025 20:07Current

6Medium risk

Vulners AI Score6

CVSS 35.4

CVSS 25.8

CVSS 3.16.1

EPSS0.00169