CVE-2021-33668

HIGH

SAP InfraBox < 1.2.1 - Unauthenticated LDAP Injection

Title source: llm
STIX 2.1

Description

Due to improper input sanitization, specially crafted LDAP queries can be injected by an unauthenticated user. This could partially impact the confidentiality of the application.

References (1)

Core 1
Core References

Scores

CVSS v3 7.5
EPSS 0.0107
EPSS Percentile 61.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-74
Status published
Products (1)
sap/infrabox < 1.2.1
Published Jun 09, 2021
Tracked Since Feb 18, 2026