CVE-2021-44231

Summary

Internally used text extraction reports allow an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP ABAP Server & ABAP Platform (Translation Tools)< 701affected
SAP SESAP ABAP Server & ABAP Platform (Translation Tools)< 740affected
SAP SESAP ABAP Server & ABAP Platform (Translation Tools)< 750affected
SAP SESAP ABAP Server & ABAP Platform (Translation Tools)< 751affected
SAP SESAP ABAP Server & ABAP Platform (Translation Tools)< 752affected
SAP SESAP ABAP Server & ABAP Platform (Translation Tools)< 753affected
SAP SESAP ABAP Server & ABAP Platform (Translation Tools)< 754affected
SAP SESAP ABAP Server & ABAP Platform (Translation Tools)< 755affected
SAP SESAP ABAP Server & ABAP Platform (Translation Tools)< 756affected
SAP SESAP ABAP Server & ABAP Platform (Translation Tools)< 804affected

Weaknesses

  • Code injection

ADP Enrichment

CVE Program Container

Additional References

References