CVE-2021-38150

When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials. This would allow the attacker to compromise the corresponding backend for which the credentials are valid.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sap:business_client:7.0:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_client:7.70:*:*:*:*:*:*:*

Information

Published : 2021-09-14 05:15

Updated : 2021-09-23 12:56


NVD link : CVE-2021-38150

Mitre link : CVE-2021-38150


JSON object : View

CWE
CWE-522

Insufficiently Protected Credentials

Products Affected

sap

  • business_client