CVE-2021-40504

medium

Description

A certain template role in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, contains transport authorizations, which exceed expected display only permissions.

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=589496864

https://launchpad.support.sap.com/#/notes/3105728

Details

Source: Mitre, NVD

Published: 2021-11-10

Updated: 2022-10-06

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 4.9

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N