CVE-2021-38150
published 2021-09-14CVE-2021-38150: When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client…
medium6.5CVSS 3.1
AVNACLPRNUIRSUCHINAN
When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials. This would allow the attacker to compromise the corresponding backend for which the credentials are valid.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | business_client | — | — |
| sap | business_client | — | — |
| sap | business_client | — | — |
| sap | business_client | — | — |
| sap_se | sap_business_client | < 7.0 | 7.0 |
| sap_se | sap_business_client | < 7.70 | 7.70 |