Privilege Escalation in BW Database Interface: Unauthorized Access to Database Tables

Privilege Escalation in BW Database Interface: Unauthorized Access to Database Tables

CVE-2021-21468 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

The BW Database Interface does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges that allows the user to practically read out any database table.

Learn more about our User Device Pen Test.