CVE-2021-38150

Summary

When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials. This would allow the attacker to compromise the corresponding backend for which the credentials are valid.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP Business Client< 7.0affected
SAP SESAP Business Client< 7.70affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References