← Back

Netweaver Master Data Management Server

netweaver_master_data_management_server

Vendor: Sap • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-21475
1Sap
1Netweaver Master Data Management Server
Nov 21, 2024
Feb 9, 2021
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Under specific circumstances SAP Master Data Management, versions - 710, 710.750, allows an unauthorized attacker to exploit insufficient validation of path information provided by users, thus characters representing 'tr...Show more
Under specific circumstances SAP Master Data Management, versions - 710, 710.750, allows an unauthorized attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs. Due to this Directory Traversal vulnerability the attacker could read content of arbitrary files on the remote server and expose sensitive data.Show less