Privilege Escalation Vulnerability in SAP Banking Services by SAP
CVE-2021-21467
4.3MEDIUM
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 12 January 2021
What is CVE-2021-21467?
The vulnerability in SAP Banking Services occurs due to insufficient authorization checks for authenticated users, allowing privilege escalation. Unauthorized users can access and display restricted Business Partner Generic Market Data (GMD). This flaw highlights the critical need for robust authorization mechanisms to protect sensitive financial data.
Affected Version(s)
SAP Banking Services (Generic Market Data) < 400 < 400
SAP Banking Services (Generic Market Data) < 450 < 450
SAP Banking Services (Generic Market Data) < 500 < 500