CVE-2021-33705
Published at:
-
15-09-2021 09:15
Last modified:
-
02-02-2022 10:30
Total changes:
-
5
Description
Common Vulnerability Scoring System (CVSS)
Low
Attack complexity
Network
Attack vector
None
Availability
High
Confidentiality
High
Integrity
None
Privileges required
Unchanged
Scope
Required
User interaction
8.1
Base score
2.8
5.2
Exploitability score
Impact score
Verification logic
Reference
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806
- https://launchpad.support.sap.com/#/notes/3074844
- 20220126 Onapsis Security Advisory 2021-0023: SAP Enterprise Portal - SSRF iviewCatcherEditor-Mailing List, Third Party Advisory
- http://packetstormsecurity.com/files/165743/SAP-Enterprise-Portal-iviewCatcherEditor-Server-Side-Request-Forgery.html
Keywords