PT-2021-14553 · Sap · Sap Payment Engine

Published

2021-03-09

Updated

2021-03-16

CVE-2021-21487

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions SAP Payment Engine version 500

Description The issue is related to the lack of necessary authorization checks for an authenticated user, resulting in escalation of privileges.

Recommendations For SAP Payment Engine version 500, apply the necessary patches or updates to include proper authorization checks for authenticated users.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2021-21487

Affected Products

Sap Payment Engine

PT-2021-14553 · Sap · Sap Payment Engine

CVE-2021-21487

Weakness Enumeration

Related Identifiers

Affected Products

References · 6