PT-2021-20267 · Sap · Sap Netweaver Administrator

Published

2021-07-14

Updated

2021-07-16

CVE-2021-33689

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Administrator version 7.50

Description: The issue occurs when a user with insufficient privileges attempts to access any application in the Administrator applications, resulting in no security audit log being created. This impacts the integrity of the security audit log.

Recommendations: For version 7.50, update to a version that includes a fix for this issue to ensure security audit logs are properly created for all access attempts, regardless of user privileges.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-778

Related Identifiers

CVE-2021-33689

Affected Products

Sap Netweaver Administrator

PT-2021-20267 · Sap · Sap Netweaver Administrator

CVE-2021-33689

Weakness Enumeration

Related Identifiers

Affected Products

References · 6