Unrated severityNVD Advisory· Published Nov 10, 2021· Updated Aug 4, 2024
CVE-2021-40502
CVE-2021-40502
Description
SAP Commerce - versions 2105.3, 2011.13, 2005.18, 1905.34, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. Authenticated attackers will be able to access and edit data from b2b units they do not belong to.
Affected products
2- SAP SE/SAP Commercev5Range: < 2105.3
Patches
Vulnerability mechanics
References
2- launchpad.support.sap.commitrex_refsource_MISC
- wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.