cbcvebase.
CVE-2021-21467
published 2021-01-12

CVE-2021-21467: SAP Banking Services (Generic Market Data) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. An…

medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
SAP Banking Services (Generic Market Data) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. An unauthorized User is allowed to display restricted Business Partner Generic Market Data (GMD), due to improper authorization check.

Affected

3 ranges
VendorProductVersion rangeFixed in
sap_sesap_banking_services< 400400
sap_sesap_banking_services< 450450
sap_sesap_banking_services< 500500