SAP Netweaver Master Data Management
By the Year
In 2024 there have been 0 vulnerabilities in SAP Netweaver Master Data Management . Netweaver Master Data Management did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 2 | 7.90 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Netweaver Master Data Management vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent SAP Netweaver Master Data Management Security Vulnerabilities
SAP NetWeaver Master Data Management, versions - 710, 710.750
CVE-2021-21482
8.3 - High
- April 13, 2021
SAP NetWeaver Master Data Management, versions - 710, 710.750, allows a malicious unauthorized user with access to the MDM Server subnet to find the password using a brute force method. If successful, the attacker could obtain access to highly sensitive data and MDM administrative privileges leading to information disclosure vulnerability thereby affecting the confidentiality and integrity of the application. This happens when security guidelines and recommendations concerning administrative accounts of an SAP NetWeaver Master Data Management installation have not been thoroughly reviewed.
Information Disclosure
When security guidelines for SAP NetWeaver Master Data Management running on windows have not been thoroughly reviewed
CVE-2021-21469
7.5 - High
- January 12, 2021
When security guidelines for SAP NetWeaver Master Data Management running on windows have not been thoroughly reviewed, it might be possible for an external operator to try and set custom paths in the MDS server configuration. When no adequate protection has been enforced on any level (e.g., MDS Server password not set, network and OS configuration not properly secured, etc.), a malicious user might define UNC paths which could then be exploited to put the system at risk using a so-called SMB relay attack and obtain highly sensitive data, which leads to Information Disclosure.
Information Disclosure
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for SAP Netweaver Master Data Management or by SAP? Click the Watch button to subscribe.