Main Vulnerability Database Vulnerabilities #VU55835

#VU55835 Input validation error in SAP Cloud Connector - CVE-2021-33693

Published: August 13, 2021

Vulnerability identifier: #VU55835

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2021-33693

CWE-ID: CWE-20

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vulnerable software:
SAP Cloud Connector

Software vendor:
SAP

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient validation of user-supplied input. A remote non-authenticated attacker on the local network can send specially crafted input to the application and bypass security restrictions.

Successful vulnerability exploitation may result in information disclosure or unauthorized data modification.

Remediation

Install updates from vendor's website.

External links

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806

#VU55835 Input validation error in SAP Cloud Connector - CVE-2021-33693

Description

Remediation

External links

Please verify you're human