CVE-2021-21444 is a vulnerability in SAP Businessobjects Business Intelligence
Published on February 9, 2021
SAP Business Objects BI Platform, versions - 410, 420, 430, allows multiple X-Frame-Options headers entries in the response headers, which may not be predictably treated by all user agents. This could, as a result, nullify the added X-Frame-Options header leading to Clickjacking attack.
Products Associated with CVE-2021-21444
Want to know whenever a new CVE is published for SAP Businessobjects Business Intelligence? stack.watch will email you.
Affected Versions
SAP SE SAP Business Objects Business Intelligence Platform (CMC and BI Launchpad):- Version < 410 is affected.
- Version < 420 is affected.
- Version < 430 is affected.
Exploit Probability
EPSS
0.17%
Percentile
38.20%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.