CVE-2021-38150

When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials. This would allow the attacker to compromise the corresponding backend for which the credentials are valid.
Configurations

Configuration 1

cpe:2.3:a:sap:business_client:7.0:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_client:7.70:*:*:*:*:*:*:*

Information

Published : 2021-09-14 12:15

Updated : 2022-07-12 05:42


NVD link : CVE-2021-38150

Mitre link : CVE-2021-38150

Products Affected
No products.
CWE
CWE-312

Cleartext Storage of Sensitive Information