SAP Banking Services (Generic Market Data) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. An unauthorized User is allowed to display restricted Business Partner Generic Market Data (GMD), due to improper authorization check.
References
Link | Resource |
---|---|
https://launchpad.support.sap.com/#/notes/3008422 | Permissions Required Vendor Advisory |
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: sap
Published: 2021-01-12T14:41:45
Updated: 2021-02-11T20:21:45
Reserved: 2020-12-30T00:00:00
Link: CVE-2021-21467
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-01-12T15:15:16.033
Modified: 2022-10-06T20:39:47.563
Link: CVE-2021-21467
JSON object: View
Redhat Information
No data.
CWE