{ "id": "CVE-2021-21465", "sourceIdentifier": "cna@sap.com", "published": "2021-01-12T15:15:15.860", "lastModified": "2022-06-03T13:18:57.777", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The BW Database Interface allows an attacker with low privileges to execute any crafted database queries, exposing the backend database. An attacker can include their own SQL commands which the database will execute without properly sanitizing the untrusted data leading to SQL injection vulnerability which can fully compromise the affected SAP system." }, { "lang": "es", "value": "La Interfaz de Base de Datos de BW permite a un atacante con pocos privilegios ejecutar cualquier consulta de la base de datos dise\u00f1ada, exponiendo la base de datos del backend. Un atacante puede incluir sus propios comandos SQL que la base de datos ejecutar\u00e1 sin sanear apropiadamente los datos no confiables, conllevando a una vulnerabilidad de inyecci\u00f3n SQL que puede comprometer por completo el sistema SAP afectado" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL" }, "exploitabilityScore": 3.1, "impactScore": 6.0 } ], "cvssMetricV30": [ { "source": "cna@sap.com", "type": "Secondary", "cvssData": { "version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL" }, "exploitabilityScore": 3.1, "impactScore": 6.0 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 6.5 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-89" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:sap:business_warehouse:710:*:*:*:*:*:*:*", "matchCriteriaId": "C7FAC6A3-1ADF-48F2-971B-5ADF9F101583" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:business_warehouse:711:*:*:*:*:*:*:*", "matchCriteriaId": "11DE777B-AA53-4A6B-AD6E-5DCEEAC217AA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:business_warehouse:730:*:*:*:*:*:*:*", "matchCriteriaId": "EF8F2CE3-BA4B-4A9C-A284-87F0AB797B92" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:business_warehouse:731:*:*:*:*:*:*:*", "matchCriteriaId": "00732AD2-BEED-4C1F-AC39-46E6F33CBB5E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:business_warehouse:740:*:*:*:*:*:*:*", "matchCriteriaId": "EC7DABAD-36FA-49D7-8C3C-3AA49604BE37" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:business_warehouse:750:*:*:*:*:*:*:*", "matchCriteriaId": "526C11C6-B67D-49F1-94E6-A324AA581EDD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:business_warehouse:751:*:*:*:*:*:*:*", "matchCriteriaId": "4A4E38AC-5888-4ABD-AAB1-BC5312701195" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:business_warehouse:752:*:*:*:*:*:*:*", "matchCriteriaId": "8D7A93A1-3D65-4C79-92B1-E433EE443478" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:business_warehouse:753:*:*:*:*:*:*:*", "matchCriteriaId": "80E03381-893C-4646-9150-303AB4F6144B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:business_warehouse:754:*:*:*:*:*:*:*", "matchCriteriaId": "1400B8E5-8400-420A-8581-9F3B07EF6BF4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:business_warehouse:755:*:*:*:*:*:*:*", "matchCriteriaId": "2ABE173B-C66E-4A69-9735-E325C0DAC062" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:business_warehouse:782:*:*:*:*:*:*:*", "matchCriteriaId": "929A4FB3-BEEF-4A69-B77C-FD1A0B3C7DFF" } ] } ] } ], "references": [ { "url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html", "source": "cna@sap.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ] }, { "url": "http://seclists.org/fulldisclosure/2022/May/42", "source": "cna@sap.com", "tags": [ "Exploit", "Mailing List", "Third Party Advisory" ] }, { "url": "https://launchpad.support.sap.com/#/notes/2986980", "source": "cna@sap.com", "tags": [ "Permissions Required" ] }, { "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476", "source": "cna@sap.com", "tags": [ "Vendor Advisory" ] } ] }