CVE-2021-21465
Description
The BW Database Interface allows an attacker with low privileges to execute any crafted database queries, exposing the backend database. An attacker can include their own SQL commands which the database will execute without properly sanitizing the untrusted data leading to SQL injection vulnerability which can fully compromise the affected SAP system.
Risk Information
Base Score
9.9
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS Score
Exploitation Probability
1.427
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in SAP Business Warehouse (Process Chains) 731 | Windows |
| Multiple Vulnerabilities are affected in SAP Business Warehouse (Process Chains) 740 | Windows |
| Multiple Vulnerabilities are affected in SAP Business Warehouse (Process Chains) 750 | Windows |
| Vulnerabilities CVE-2020-26838,CVE-2021-21465,CVE-2021-21468 are affected in SAP Business Warehouse (Process Chains) 751 | Windows |
| Vulnerabilities CVE-2020-26838,CVE-2021-21465,CVE-2021-21468 are affected in SAP Business Warehouse (Process Chains) 752 | Windows |
| Vulnerabilities CVE-2020-26838,CVE-2021-21465,CVE-2021-21468 are affected in SAP Business Warehouse (Process Chains) 753 | Windows |
| Vulnerabilities CVE-2020-26838,CVE-2021-21465,CVE-2021-21468 are affected in SAP Business Warehouse (Process Chains) 754 | Windows |
| Vulnerabilities CVE-2020-26838,CVE-2021-21465,CVE-2021-21468 are affected in SAP Business Warehouse (Process Chains) 755 | Windows |
| Vulnerabilities CVE-2020-26838,CVE-2021-21465,CVE-2021-21466,CVE-2021-21468 are affected in SAP Business Warehouse (Process Chains) 782 | Windows |
| Vulnerabilities CVE-2021-21465,CVE-2021-21468 are affected in SAP Business Warehouse (Process Chains) 710 | Windows |
| Vulnerabilities CVE-2021-21465,CVE-2021-21466,CVE-2021-21468 are affected in SAP Business Warehouse (Process Chains) 711 | Windows |
| Vulnerabilities CVE-2021-21465,CVE-2021-21466,CVE-2021-21468,CVE-2023-33992 are affected in SAP Business Warehouse (Process Chains) 730 | Windows |
| Multiple Vulnerabilities are affected in SAP Business Warehouse (Process Chains) 730 | Windows |
| Vulnerabilities CVE-2020-26838,CVE-2021-21465,CVE-2021-21468,CVE-2024-39595 are affected in SAP Business Warehouse (Process Chains) 751 | Windows |
| Vulnerabilities CVE-2020-26838,CVE-2021-21465,CVE-2021-21468,CVE-2024-39595 are affected in SAP Business Warehouse (Process Chains) 752 | Windows |
| Vulnerabilities CVE-2020-26838,CVE-2021-21465,CVE-2021-21468,CVE-2024-39595 are affected in SAP Business Warehouse (Process Chains) 753 | Windows |
| Vulnerabilities CVE-2020-26838,CVE-2021-21465,CVE-2021-21468,CVE-2024-39595 are affected in SAP Business Warehouse (Process Chains) 754 | Windows |
| Vulnerabilities CVE-2020-26838,CVE-2021-21465,CVE-2021-21468,CVE-2024-39595 are affected in SAP Business Warehouse (Process Chains) 755 | Windows |
| Multiple Vulnerabilities are affected in SAP Business Warehouse (Process Chains) 751 | Windows |
| Multiple Vulnerabilities are affected in SAP Business Warehouse (Process Chains) 752 | Windows |
| Multiple Vulnerabilities are affected in SAP Business Warehouse (Process Chains) 753 | Windows |
| Multiple Vulnerabilities are affected in SAP Business Warehouse (Process Chains) 754 | Windows |
| Multiple Vulnerabilities are affected in SAP Business Warehouse (Process Chains) 755 | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234