CVE-2021-27612

3.4LOW

Key Information:

Vendor: SAP
Status: SAP Gui For Windows
Vendor: CVE Published:; 11 May 2021

Summary

In specific situations SAP GUI for Windows until and including 7.60 PL9, 7.70 PL0, forwards a user to specific malicious website which could contain malware or might lead to phishing attacks to steal credentials of the victim.

Affected Version(s)

SAP GUI for Windows < 7.60 PL10 < 7.60 PL10

SAP GUI for Windows < 7.70 PL1 < 7.70 PL1

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageI...

x_refsource_MISC

https://launchpad.support.sap.com/#/notes/3023078

x_refsource_MISC

CVSS V3.1

Score:

3.4

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
May 11, 2021
Vulnerability Reserved
Feb 23, 2021