CVE-2021-21484

Опубликовано: 09 мар. 2021

Источник: nvd

CVSS3: 7.7

CVSS3: 9.8

CVSS2: 6.8

EPSS Низкий

Описание

LDAP authentication in SAP HANA Database version 2.0 can be bypassed if the attached LDAP directory server is configured to enable unauthenticated bind.

Ссылки

https://launchpad.support.sap.com/#/notes/3017378
Permissions Required
Vendor Advisory
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107
Vendor Advisory
https://launchpad.support.sap.com/#/notes/3017378
Permissions Required
Vendor Advisory
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sap:hana:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 45%

0.00222

Низкий

7.7 High

CVSS3

9.8 Critical

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-863

Связанные уязвимости

GHSA-qq36-2m78-ghvj

github

больше 3 лет назад

LDAP authentication in SAP HANA Database version 2.0 can be bypassed if the attached LDAP directory server is configured to enable unauthenticated bind.

EPSS

Процентиль: 45%

0.00222

Низкий

7.7 High

CVSS3

9.8 Critical

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-863