CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-21444

SAP Business Objects BI Platform, versions - 410, 420, 430, allows multiple X-Frame-Options headers entries in the response headers, which may not be predictably treated by all user agents. This could, as a result, nullify the added X-Frame-Options header leading to Clickjacking attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.9%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 5.8

References

https://launchpad.support.sap.com/#/notes/2935791
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543
https://launchpad.support.sap.com/#/notes/2935791
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543

Products affected by CVE-2021-21444

Sap » Businessobjects Business Intelligence » Version: 410

cpe:2.3:a:sap:businessobjects_business_intelligence:410
Sap » Businessobjects Business Intelligence » Version: 420

cpe:2.3:a:sap:businessobjects_business_intelligence:420
Sap » Businessobjects Business Intelligence » Version: 430

cpe:2.3:a:sap:businessobjects_business_intelligence:430

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-21444

Products

Pricing

Contact Us