Rewterz Threat Alert – Kimsuky APT group – IOCs
March 9, 2021Rewterz Threat Advisory – SAP NetWeaver Knowledge Management denial of service
March 10, 2021Rewterz Threat Alert – Kimsuky APT group – IOCs
March 9, 2021Rewterz Threat Advisory – SAP NetWeaver Knowledge Management denial of service
March 10, 2021Severity
High
Analysis Summary
CVE-2021-21484
SAP HANA could allow a remote attacker to bypass security restrictions, caused by a flaw when the attached LDAP directory server is configured to enable unauthenticated bind. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass LDAP authentication.
Impact
Security bypass
Affected Vendors
SAP
Affected Products
SAP HANA 2.00
Remediation
Refer to SAP note 3017378 for patch information.