CVE-2021-21468

The BW Database Interface does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges that allows the user to practically read out any database table.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sap:business_warehouse:710:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_warehouse:711:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_warehouse:730:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_warehouse:731:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_warehouse:740:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_warehouse:750:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_warehouse:751:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_warehouse:752:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_warehouse:753:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_warehouse:754:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_warehouse:755:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_warehouse:782:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-01-12 15:15

Updated : 2024-02-28 18:08


NVD link : CVE-2021-21468

Mitre link : CVE-2021-21468

CVE.ORG link : CVE-2021-21468


JSON object : View

Products Affected

sap

  • business_warehouse
CWE
CWE-862

Missing Authorization