CVE-2021-27609
published 2021-04-13CVE-2021-27609: SAP Focused RUN versions 200, 300, does not perform necessary authorization checks for an authenticated user, which allows a user to call the oData service and…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNIHAN
SAP Focused RUN versions 200, 300, does not perform necessary authorization checks for an authenticated user, which allows a user to call the oData service and manipulate the activation for the SAP EarlyWatch Alert service data collection and sending to SAP without the intended authorization.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | focused_run | — | — |
| sap | focused_run | — | — |
| sap_se | sap_focused_run | < 200 | 200 |
| sap_se | sap_focused_run | < 300 | 300 |