Unrated severityNVD Advisory· Published Nov 10, 2021· Updated Aug 4, 2024
CVE-2021-40503
CVE-2021-40503
Description
An information disclosure vulnerability exists in SAP GUI for Windows - versions < 7.60 PL13, 7.70 PL4, which allows an attacker with sufficient privileges on the local client-side PC to obtain an equivalent of the user’s password. With this highly sensitive data leaked, the attacker would be able to logon to the backend system the SAP GUI for Windows was connected to and launch further attacks depending on the authorizations of the user.
Affected products
2- Range: <7.60 PL13, <7.70 PL4
- SAP SE/SAP GUI for Windowsv5Range: < 7.60 PL13
Patches
Vulnerability mechanics
References
2- launchpad.support.sap.commitrex_refsource_MISC
- wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.