SAP ABAP Platform Kernel - versions 7.77, 7.81, 7.85, 7.86, does not perform necessary authorization checks for an authenticated business user, resulting in escalation of privileges. That means this business user is able to read and modify data beyond the vulnerable system. However, the attacker can neither significantly reduce the performance of the system nor stop the system.
References
Link | Resource |
---|---|
https://launchpad.support.sap.com/#/notes/3099776 | Permissions Required Vendor Advisory |
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=589496864 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2021-11-10 16:15
Updated : 2024-02-28 18:48
NVD link : CVE-2021-40501
Mitre link : CVE-2021-40501
CVE.ORG link : CVE-2021-40501
JSON object : View
Products Affected
sap
- abap_platform_kernel
CWE
CWE-862
Missing Authorization