4.3
CVSSv3

CVE-2021-40496

Published: 12/10/2021 Updated: 28/11/2021
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Vulnerability Summary

SAP Internet Communication framework (ICM) - versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 785, allows an attacker with logon functionality, to exploit the authentication function by using POST and form field to repeat executions of the initial command by a GET request and exposing sensitive data. This vulnerability is normally exposed over the network and successful exploitation can lead to exposure of data like system details.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

sap netweaver abap 700

sap netweaver abap 701

sap netweaver abap 702

sap netweaver abap 730

sap netweaver abap 731

sap netweaver abap 740

sap netweaver abap 750

sap netweaver abap 751

sap netweaver abap 752

sap netweaver abap 753

sap netweaver abap 754

sap netweaver abap 755

sap netweaver abap 756

sap netweaver abap 785

sap netweaver as abap 700

sap netweaver as abap 701

sap netweaver as abap 702

sap netweaver as abap 730

sap netweaver as abap 731

sap netweaver as abap 740

sap netweaver as abap 750

sap netweaver as abap 751

sap netweaver as abap 752

sap netweaver as abap 753

sap netweaver as abap 754

sap netweaver as abap 755

sap netweaver as abap 756

sap netweaver as abap 785