logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2021-21466

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2021-21466

Description:
SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 750, 782 and SAP BW/4HANA, versions 100, 200, allow a low privileged attacker to inject code using a remote enabled function module over the network. Via the function module an attacker can create a malicious ABAP report which could be used to get access to sensitive data, to inject malicious UPDATE statements that could have also impact on the operating system, to disrupt the functionality of the SAP system which can thereby lead to a Denial of Service.
Last updated date:
10/01/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/01/2022
Reference url to background

http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html

Type:
exploit
Confidence:
HIGH
Date of publishing:
10/01/2022
Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy