CVE-2021-40501
N/A
N/A
Summary
SAP ABAP Platform Kernel - versions 7.77, 7.81, 7.85, 7.86, does not perform necessary authorization checks for an authenticated business user, resulting in escalation of privileges. That means this business user is able to read and modify data beyond the vulnerable system. However, the attacker can neither significantly reduce the performance of the system nor stop the system.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP SE | SAP ABAP Platform Kernel | < 7.77 | affected |
| SAP SE | SAP ABAP Platform Kernel | < 7.81 | affected |
| SAP SE | SAP ABAP Platform Kernel | < 7.85 | affected |
| SAP SE | SAP ABAP Platform Kernel | < 7.86 | affected |
Weaknesses
- CWE-862: CWE-862
ADP Enrichment
CVE Program Container
Additional References
- https://launchpad.support.sap.com/#/notes/3099776
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=589496864
References
- https://launchpad.support.sap.com/#/notes/3099776
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=589496864
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.