MEDIUM🇵🇱 Wersja polska

CVE-2021-33689

CVSS 4.3v3.1pub. 2021-07-14upd. 2024-11-21

When user with insufficient privileges tries to access any application in SAP NetWeaver Administrator (Administrator applications), version - 7.50, no security audit log is created. Therefore, security audit log Integrity is impacted.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  • Sap Netweaver Application Server Java

    APP
    Sap
    7.50
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2020-6287CRITICAL10.0⚠ KEVten sam produkt

SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authen...

CVE-2010-5326CRITICAL10.0⚠ KEVten sam produkt

The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require ...

CVE-2016-2386CRITICAL9.8⚠ KEVten sam produkt

SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to ex...

CVE-2024-22127CRITICAL9.1PL ✓ten sam produkt

SAP NetWeaver AS Java – command injection przez upload pliku w Log Viewer

CVE-2023-40309CRITICAL9.8ten sam produkt

SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong aut...