CVE-2021-40501 is a vulnerability in SAP Abap Platform Kernel
Published on November 10, 2021
SAP ABAP Platform Kernel - versions 7.77, 7.81, 7.85, 7.86, does not perform necessary authorization checks for an authenticated business user, resulting in escalation of privileges. That means this business user is able to read and modify data beyond the vulnerable system. However, the attacker can neither significantly reduce the performance of the system nor stop the system.
Weakness Type
What is an AuthZ Vulnerability?
The software does not perform an authorization check when an actor attempts to access a resource or perform an action.
CVE-2021-40501 has been classified to as an AuthZ vulnerability or weakness.
Products Associated with CVE-2021-40501
Want to know whenever a new CVE is published for SAP Abap Platform Kernel? stack.watch will email you.
Affected Versions
SAP SE SAP ABAP Platform Kernel:- Version < 7.77 is affected.
- Version < 7.81 is affected.
- Version < 7.85 is affected.
- Version < 7.86 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.