CVE-2021-38178
N/A
N/A
Summary
The software logistics system of SAP NetWeaver AS ABAP and ABAP Platform versions - 700, 701, 702, 710, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, enables a malicious user to transfer ABAP code artifacts or content, by-passing the established quality gates. By this vulnerability malicious code can reach quality and production, and can compromise the confidentiality, integrity, and availability of the system and its data.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP SE | SAP NetWeaver AS ABAP and ABAP Platform | < 700 | affected |
| SAP SE | SAP NetWeaver AS ABAP and ABAP Platform | < 701 | affected |
| SAP SE | SAP NetWeaver AS ABAP and ABAP Platform | < 702 | affected |
| SAP SE | SAP NetWeaver AS ABAP and ABAP Platform | < 710 | affected |
| SAP SE | SAP NetWeaver AS ABAP and ABAP Platform | < 730 | affected |
| SAP SE | SAP NetWeaver AS ABAP and ABAP Platform | < 731 | affected |
| SAP SE | SAP NetWeaver AS ABAP and ABAP Platform | < 740 | affected |
| SAP SE | SAP NetWeaver AS ABAP and ABAP Platform | < 750 | affected |
| SAP SE | SAP NetWeaver AS ABAP and ABAP Platform | < 751 | affected |
| SAP SE | SAP NetWeaver AS ABAP and ABAP Platform | < 752 | affected |
| SAP SE | SAP NetWeaver AS ABAP and ABAP Platform | < 753 | affected |
| SAP SE | SAP NetWeaver AS ABAP and ABAP Platform | < 754 | affected |
| SAP SE | SAP NetWeaver AS ABAP and ABAP Platform | < 755 | affected |
| SAP SE | SAP NetWeaver AS ABAP and ABAP Platform | < 756 | affected |
Weaknesses
- Improper Authorization
ADP Enrichment
CVE Program Container
Additional References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983
- https://launchpad.support.sap.com/#/notes/3097887
References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983
- https://launchpad.support.sap.com/#/notes/3097887
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.