Unrated severityNVD Advisory· Published Dec 14, 2021· Updated Aug 4, 2024

CVE-2021-44232

Description

SAF-T Framework Transaction SAFTN_G allows an attacker to exploit insufficient validation of path information provided by normal user, leading to full server directory access. The attacker can see the whole filesystem structure but cannot overwrite, delete, or corrupt arbitrary files on the server.

Affected products

SAP/SAF-T Frameworkllm-create
SAP SE/SAF-T Frameworkv5
Range: < SAP_FIN 617

Patches

Vulnerability mechanics

References

launchpad.support.sap.commitrex_refsource_MISC
wiki.scn.sap.com/wiki/display/PSR/SAP+Security+Patch+Day+-+December+2021mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000