Security Advisory

CVE-2021-21465

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-01-12 14:40:57

Last updated 2024-08-03 18:16:22

Assigner sap

State PUBLISHED

Description

The BW Database Interface allows an attacker with low privileges to execute any crafted database queries, exposing the backend database. An attacker can include their own SQL commands which the database will execute without properly sanitizing the untrusted data leading to SQL injection vulnerability which can fully compromise the affected SAP system.

← Browse all CVEs View on cve.org ↗