ID CVE-2021-27608
Summary An unquoted service path in SAPSetup, version - 9.0, could lead to privilege escalation during the installation process that is performed when an executable file is registered. This could further lead to complete compromise of confidentiality, Integrity and Availability.
References
Vulnerable Configurations
  • cpe:2.3:a:sap:setup:9.0:*:*:*:*:*:*:*
    cpe:2.3:a:sap:setup:9.0:*:*:*:*:*:*:*
CVSS
Base: 4.4 (as of 20-04-2021 - 21:45)
Impact:
Exploitability:
CWE CWE-428
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:M/Au:N/C:P/I:P/A:P
Last major update 20-04-2021 - 21:45
Published 14-04-2021 - 15:15
Last modified 20-04-2021 - 21:45
Back to Top