Unrated severityNVD Advisory· Published Jun 9, 2021· Updated Aug 3, 2024
CVE-2021-21473
CVE-2021-21473
Description
SAP NetWeaver AS ABAP and ABAP Platform, versions - 700, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, contains function module SRM_RFC_SUBMIT_REPORT which fails to validate authorization of an authenticated user thus allowing an unauthorized user to execute reports in SAP NetWeaver ABAP Platform.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 700, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755
- SAP SE/SAP NetWeaver AS ABAP and ABAP Platform (SRM_RFC_SUBMIT_REPORT)v5Range: < 700
Patches
Vulnerability mechanics
References
4- packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.htmlmitrex_refsource_MISC
- seclists.org/fulldisclosure/2022/May/42mitremailing-listx_refsource_FULLDISC
- launchpad.support.sap.commitrex_refsource_MISC
- wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.