CVE-2021-38182

Summary

Due to insufficient input validation of Kyma, authenticated users can pass a Header of their choice and escalate privileges which can completely compromise the cluster.

Affected Software

VendorProductVersion RangeStatus
SAP SEKyma<1.24.7affected

Weaknesses

  • Header Manipulation

ADP Enrichment

CVE Program Container

Additional References

References