CVE-2021-21484
published 2021-03-09CVE-2021-21484: LDAP authentication in SAP HANA Database version 2.0 can be bypassed if the attached LDAP directory server is configured to enable unauthenticated bind.
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
LDAP authentication in SAP HANA Database version 2.0 can be bypassed if the attached LDAP directory server is configured to enable unauthenticated bind.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | hana | — | — |
| sap_se | sap_hana | < 2.0 | 2.0 |