发布日期：2021-06-08
更新日期：2021-06-11

受影响系统：

SAP NetWeaver AS ABAP and ABAP Platform 755
SAP NetWeaver AS ABAP and ABAP Platform 754
SAP NetWeaver AS ABAP and ABAP Platform 753
SAP NetWeaver AS ABAP and ABAP Platform 752
SAP NetWeaver AS ABAP and ABAP Platform 751
SAP NetWeaver AS ABAP and ABAP Platform 750
SAP NetWeaver AS ABAP and ABAP Platform 740
SAP NetWeaver AS ABAP and ABAP Platform 731
SAP NetWeaver AS ABAP and ABAP Platform 730
SAP NetWeaver AS ABAP and ABAP Platform 711
SAP NetWeaver AS ABAP and ABAP Platform 710
SAP NetWeaver AS ABAP and ABAP Platform 702
SAP NetWeaver AS ABAP and ABAP Platform 700

描述：

---

CVE(CAN) ID: CVE-2021-21473

SAP Netweaver是德国思爱普（SAP）公司的一套面向服务的集成化应用平台。该平台主要为SAP应用程序提供开发和运行环境。
SAP NetWeaver AS ABAP and ABAP Platform多个版本存在授权错误漏洞。该漏洞源于程序未正确验证用户授权。未经身份认证的攻击者可利用该漏洞执行报告。

<**>

建议：

---

厂商补丁：

SAP
---
目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=578125999

浏览次数：871
严重程度：0（网友投票）