VDB

CVE-2021-21448

CVE-2021-21448 PUBLISHED CVSS 5.300000190734863 MEDIUM

SAP GUI for Windows, version - 7.60, allows an attacker to spoof logon credentials for Application Server ABAP backend systems in the client PCs memory. Under certain conditions the attacker can access information which would otherwise be restricted. The exploit can only be executed locally on the client PC and not via Network and the attacker needs at least user authorization of the Operating System user of the victim.

EPSS 0.05% · 16.6th percentile

Risk Scores

CVSS 3.0
5.300000190734863
CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N
EPSS Score
0.05%
16.6th percentile

Affected Products

VendorProductVersions
sapgraphical_user_interface7.60
SAP SESAP GUI FOR WINDOWS< 7.60

Exploit Intelligence

Timeline

  • Jan 12, 2021 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 1, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›