Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2021-38176

Published: 14/09/2021 Updated: 12/07/2022
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 801
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Subscribe to Landscape Transformation Replication Server

Vulnerability Summary

Due to improper input sanitization, an authenticated user with certain specific privileges can remotely call NZDT function modules listed in Solution Section to execute manipulated query or inject ABAP code to gain access to Backend Database. On successful exploitation the threat actor could completely compromise confidentiality, integrity, and availability of the system.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

sap landscape transformation replication server 1.0

sap s\\/4hana 1511

sap s\\/4hana 1610

sap s\\/4hana 1709

sap s\\/4hana 1809

sap s\\/4hana 1909

sap s\\/4hana 2020

sap s\\/4hana 2021

sap landscape transformation 2.0

sap landscape transformation replication server 2.0

sap landscape transformation replication server 3.0

sap test data migration server 4.0

References

CWE-89https://launchpad.support.sap.com/#/notes/3089831https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400CVE-2023-7252CVE-2024-21111denial of serviceCVE-2024-29661CVE-2024-22856remote attackersencryptionCVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook