CVE-2021-40501

SAP ABAP Platform Kernel - versions 7.77, 7.81, 7.85, 7.86, does not perform necessary authorization checks for an authenticated business user, resulting in escalation of privileges. That means this business user is able to read and modify data beyond the vulnerable system. However, the attacker can neither significantly reduce the performance of the system nor stop the system.
References
Configurations

Configuration 1

cpe:2.3:a:sap:abap_platform_kernel:7.81:*:*:*:*:*:*:*
cpe:2.3:a:sap:abap_platform_kernel:7.85:*:*:*:*:*:*:*
cpe:2.3:a:sap:abap_platform_kernel:7.86:*:*:*:*:*:*:*
cpe:2.3:a:sap:abap_platform_kernel:7.77:*:*:*:*:*:*:*

Information

Published : 2021-11-10 04:15

Updated : 2021-11-12 08:38


NVD link : CVE-2021-40501

Mitre link : CVE-2021-40501

Products Affected
CWE