CVE-2021-38175
6.5
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Summary
SAP Analysis for Microsoft Office - version 2.8, allows an attacker with high privileges to read sensitive data over the network, and gather or change information in the current system without user interaction. The attack would not lead to an impact on the availability of the system, but there would be an impact on integrity and confidentiality.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP SE | SAP Analysis for Microsoft Office | < 2.8 | affected |
Weaknesses
- Information Disclosure
ADP Enrichment
CVE Program Container
Additional References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405
- https://launchpad.support.sap.com/#/notes/3082500
References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405
- https://launchpad.support.sap.com/#/notes/3082500
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.