CVE-2021-27608
7.5
CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
An unquoted service path in SAPSetup, version - 9.0, could lead to privilege escalation during the installation process that is performed when an executable file is registered. This could further lead to complete compromise of confidentiality, Integrity and Availability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP SE | SAP Setup | < 9.0 | affected |
Weaknesses
- Unquoted Search Path or Element (CWE - 428)
ADP Enrichment
CVE Program Container
Additional References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649
- https://launchpad.support.sap.com/#/notes/3039649
References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649
- https://launchpad.support.sap.com/#/notes/3039649
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.