High severity8.8NVD Advisory· Published Dec 14, 2021· Updated Jun 17, 2026
CVE-2021-38182
CVE-2021-38182
Description
Due to insufficient input validation of Kyma, authenticated users can pass a Header of their choice and escalate privileges which can completely compromise the cluster.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- SAP SE/Kymav5Range: <1.24.7
Patches
Vulnerability mechanics
References
2- github.com/kyma-project/kyma/security/advisories/GHSA-2vjp-5q24-hqjvnvdThird Party Advisory
- wiki.scn.sap.com/wiki/display/PSR/SAP+Security+Patch+Day+-+December+2021nvdNot Applicable
News mentions
0No linked articles in our index yet.