CVE-2021-27611 Information

Jun 07, 2022 cve

Description

SAP NetWeaver AS ABAP versions - 700 701 702 730 731 allow a high privileged attacker to inject malicious code by executing an ABAP report when the attacker has access to the local SAP system. The attacker could then get access to data overwrite them or execute a denial of service.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Reference

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=576094655 https://launchpad.support.sap.com/#/notes/3046610

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction Required

HIGH

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

6.7

Share on: