CVE-2021-38175

CVSS 6.5 MEDIUMEPSS 0.8%

Vexday Risk Score

13Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 6.5EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

14 sep 2021Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

SAP Analysis for Microsoft Office - version 2.8, allows an attacker with high privileges to read sensitive data over the network, and gather or change information in the current system without user interaction. The attack would not lead to an impact on the availability of the system, but there would be an impact on integrity and confidentiality.

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Productos afectados

SAP SE · SAP Analysis for Microsoft Office

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://launchpad.support.sap.com/#/notes/3082500 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405