admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-214xx/CVE-2021-21486.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

199 lines
6.7 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-21486",
"sourceIdentifier": "cna@sap.com",
"published": "2021-03-09T15:15:14.960",
"lastModified": "2021-03-16T18:12:07.213",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SAP Enterprise Financial Services versions, 101, 102, 103, 104, 105, 600, 603, 604, 605, 606, 616, 617, 618, 800, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges."
},
{
"lang": "es",
"value": "SAP Enterprise Financial Services versiones , 101, 102, 103, 104, 105, 600, 603, 604, 605, 606, 616, 617, 618, 800, no llevan a cabo unas comprobaciones de autorizaci\u00f3n necesarias para un usuario autenticado, resultando en una escalada de privilegios"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:enterprise_financial_services:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "9939E6A3-772B-4A12-925C-24B16F71AC16"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:enterprise_financial_services:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "3D909C83-6FE7-4AB9-9B11-7EC33EDDDA0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:enterprise_financial_services:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "50D6020F-911D-4097-9797-51BFF66A71D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:enterprise_financial_services:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "93CC1703-9D38-4390-9ED8-64B7640EFE92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:enterprise_financial_services:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "9736A35F-6BFC-46AB-8C97-0872E1459C34"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:enterprise_financial_services:6.00:*:*:*:*:*:*:*",
"matchCriteriaId": "50CD7494-50B3-4167-90E8-5F9671E4C315"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:enterprise_financial_services:6.03:*:*:*:*:*:*:*",
"matchCriteriaId": "C9217EEF-D896-49B1-B083-EA9A27B50255"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:enterprise_financial_services:6.04:*:*:*:*:*:*:*",
"matchCriteriaId": "94D6D8B8-BE7E-4AC3-BE30-1870A37A37FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:enterprise_financial_services:6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "513796F8-CD90-4FC0-B7EE-1D820302064D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:enterprise_financial_services:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "F7E8169B-7F3C-4EAE-AE16-699474C5C8D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:enterprise_financial_services:6.16:*:*:*:*:*:*:*",
"matchCriteriaId": "A189AED2-ACA6-45EC-94D0-02FF4E8E6496"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:enterprise_financial_services:6.17:*:*:*:*:*:*:*",
"matchCriteriaId": "409525B0-4027-4102-A040-B19E9CFD9247"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:enterprise_financial_services:6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "71487B12-23A2-4159-8EE8-43CE3C8222B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:enterprise_financial_services:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE7D301-0978-4914-A776-B05500740CE4"
}
]
}
]
}
],
"references": [
{
"url": "https://launchpad.support.sap.com/#/notes/3007888",
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
]
},
{
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink