SAP NetWeaver Guided Procedures (Administration Workset), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. The impact of missing authorization could result to abuse of functionality restricted to a particular user group, and could allow unauthorized users to read, modify or delete restricted data.
2021-07-14T12:15:08.273
2024-11-21T06:09:19.743
Modified
CVSSv3.1: 8.8 (HIGH)
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | sap | netweaver_guided_procedures | 7.10 | Yes |
| Application | sap | netweaver_guided_procedures | 7.20 | Yes |
| Application | sap | netweaver_guided_procedures | 7.30 | Yes |
| Application | sap | netweaver_guided_procedures | 7.31 | Yes |
| Application | sap | netweaver_guided_procedures | 7.40 | Yes |
| Application | sap | netweaver_guided_procedures | 7.50 | Yes |