CVE-2021-38175
Last modified
CVE-2021-38175 is a medium-severity vulnerability rated 6.5/10 on the CVSS scale. SAP Analysis for Microsoft Office - version 2.8, allows an attacker with high privileges to read sensitive data over the network, and gather or change information in the current system without user interaction. The attack would not lead to an impact on the availability of the system, but there would be an impact on integrity and confidentiality.. EPSS estimates a 0.79% chance of exploitation in the next 30 days.
Description
SAP Analysis for Microsoft Office - version 2.8, allows an attacker with high privileges to read sensitive data over the network, and gather or change information in the current system without user interaction. The attack would not lead to an impact on the availability of the system, but there would be an impact on integrity and confidentiality.
Metrics
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Sap | Analysis For Microsoft Office | 2.8 |
References
- https://launchpad.support.sap.com/#/notes/3082500Permissions Required
- https://launchpad.support.sap.com/#/notes/3082500Permissions Required
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2021-38175?
How severe is CVE-2021-38175?
How do I fix CVE-2021-38175?
Are you affected by CVE-2021-38175?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST