Knowledge Management versions 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 allows a remote attacker with basic privileges to deserialize user-controlled data without verification, leading to insecure deserialization which triggers the attacker’s code, therefore impacting Availability.
2021-03-09T15:15:15.130
2024-11-21T05:48:28.453
Modified
CVSSv3.1: 6.5 (MEDIUM)
AV:N/AC:L/Au:S/C:N/I:N/A:P
8.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | sap | netweaver_knowledge_management | 7.01 | Yes |
| Application | sap | netweaver_knowledge_management | 7.02 | Yes |
| Application | sap | netweaver_knowledge_management | 7.30 | Yes |
| Application | sap | netweaver_knowledge_management | 7.31 | Yes |
| Application | sap | netweaver_knowledge_management | 7.40 | Yes |
| Application | sap | netweaver_knowledge_management | 7.50 | Yes |