← Back

CVE-2021-42067

nvd nist
Published: Jan 14, 2022Modified: Nov 21, 2024

JSON object

Loading...
4.3
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Exploitability: 2.8 / Impact: 1.4
Source: NVD

Description

In SAP NetWeaver AS for ABAP and ABAP Platform - versions 701, 702, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 786, an attacker authenticated as a regular user can use the S/4 Hana dashboard to reveal systems and services which they would not normally be allowed to see. No information alteration or denial of service is possible.

Affected (28)

Sap
2 products
Netweaver Abap
Netweaver Application Server Abap
Configuration A
28 vulnerable
Vulnerable SoftwareAffected Versions
Sap
Netweaver Abap
Version 701
Netweaver Abap
Version 702
Netweaver Abap
Version 711
Netweaver Abap
Version 730
Netweaver Abap
Version 731
Netweaver Abap
Version 740
Netweaver Abap
Version 750
Netweaver Abap
Version 751
Netweaver Abap
Version 752
Netweaver Abap
Version 753
Netweaver Abap
Version 754
Netweaver Abap
Version 755
Netweaver Abap
Version 756
Netweaver Abap
Version 786
Sap
Netweaver Application Server Abap
Version 701
Netweaver Application Server Abap
Version 702
Netweaver Application Server Abap
Version 711
Netweaver Application Server Abap
Version 730
Netweaver Application Server Abap
Version 731
Netweaver Application Server Abap
Version 740
Netweaver Application Server Abap
Version 750
Netweaver Application Server Abap
Version 751
Netweaver Application Server Abap
Version 752
Netweaver Application Server Abap
Version 753
Netweaver Application Server Abap
Version 754
Netweaver Application Server Abap
Version 755
Netweaver Application Server Abap
Version 756
Netweaver Application Server Abap
Version 786

References (4)

Source: cna@sap.com
Permissions Required
Source: cna@sap.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions Required
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.