CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-27609

SAP Focused RUN versions 200, 300, does not perform necessary authorization checks for an authenticated user, which allows a user to call the oData service and manipulate the activation for the SAP EarlyWatch Alert service data collection and sending to SAP without the intended authorization.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.3%

CVSS Severity

CVSS v3 Score 4.6

CVSS v2 Score 4.0

References

https://launchpad.support.sap.com/#/notes/3030948
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649
https://launchpad.support.sap.com/#/notes/3030948
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649

Products affected by CVE-2021-27609

Sap » Focused Run » Version: 200

cpe:2.3:a:sap:focused_run:200
Sap » Focused Run » Version: 300

cpe:2.3:a:sap:focused_run:300

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-27609

Products

Pricing

Contact Us