CVE-2021-40497
CVE-2021-40497
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
12 Oct 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
SAP BusinessObjects Analysis (edition for OLAP) - versions 420, 430, allows an attacker to exploit certain application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation could lead to exposure of some system specific data like its version.
Affected products
SAP SE · SAP BusinessObjects Analysis, (edition for OLAP)Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →