Unrated severityNVD Advisory· Published Mar 9, 2021· Updated Aug 3, 2024
CVE-2021-21488
CVE-2021-21488
Description
Knowledge Management versions 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 allows a remote attacker with basic privileges to deserialize user-controlled data without verification, leading to insecure deserialization which triggers the attacker’s code, therefore impacting Availability.
Affected products
2- Range: <=7.50
- SAP SE/SAP NetWeaver Knowledge Managementv5Range: < 7.01
Patches
Vulnerability mechanics
References
2- launchpad.support.sap.commitrex_refsource_MISC
- wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.