SAP Cloud Connector 2.0 Configuration File Injection Vulnerability

SAP Cloud Connector 2.0 Configuration File Injection Vulnerability

CVE-2021-33693 · MEDIUM Severity

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

SAP Cloud Connector, version - 2.0, allows an authenticated administrator to modify a configuration file to inject malicious codes that could potentially lead to OS command execution.

Learn more about our Cloud Audit.