Lucene search
SapCVELIST:CVE-2021-40504HistoryNov 10, 2021 - 3:29 p.m.
CVE-2021-40504
2021-11-1015:29:16
CWE-863
sap
www.cve.org
1
A certain template role in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, contains transport authorizations, which exceed expected display only permissions.
CNA Affected
[
{
"product": "SAP NetWeaver AS for ABAP and ABAP Platform",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 700"
},
{
"status": "affected",
"version": "< 701"
},
{
"status": "affected",
"version": "< 702"
},
{
"status": "affected",
"version": "< 710"
},
{
"status": "affected",
"version": "< 711"
},
{
"status": "affected",
"version": "< 730"
},
{
"status": "affected",
"version": "< 731"
},
{
"status": "affected",
"version": "< 740"
},
{
"status": "affected",
"version": "< 750"
},
{
"status": "affected",
"version": "< 751"
},
{
"status": "affected",
"version": "< 752"
},
{
"status": "affected",
"version": "< 753"
},
{
"status": "affected",
"version": "< 754"
},
{
"status": "affected",
"version": "< 755"
},
{
"status": "affected",
"version": "< 756"
}
]
}
]Related
nvd
nvd
CVE-2021-40504
2021-11-10 16:15:08
prion
prion
Code injection
2021-11-10 16:15:00
nessus
nessus
SAP NetWeaver AS ABAP Incorrect Authorization (November 2021)
2021-11-18 00:00:00
cve
cve
CVE-2021-40504
2021-11-10 16:15:08