Information Disclosure Vulnerability in SAP NetWeaver Master Data Management
CVE-2021-21482
8.3HIGH
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 13 April 2021
What is CVE-2021-21482?
The vulnerability in SAP NetWeaver Master Data Management, versions 710 and 710.750, allows malicious users on the MDM Server subnet to utilize brute force methods for password retrieval. Successful exploitation can grant access to sensitive data and administrative privileges, compromising the application's confidentiality and integrity. This issue arises primarily when security practices concerning administrative account settings are inadequately enforced, putting organizations at risk of significant data breaches.
Affected Version(s)
SAP NetWeaver Master Data Management < 710 < 710
SAP NetWeaver Master Data Management < 710.750 < 710.750