CVE-2021-27608
First published: Wed Apr 14 2021(Updated: )
An unquoted service path in SAPSetup, version - 9.0, could lead to privilege escalation during the installation process that is performed when an executable file is registered. This could further lead to complete compromise of confidentiality, Integrity and Availability.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sap Setup | =9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-27608?
The severity of CVE-2021-27608 is considered high due to the potential for privilege escalation.
How do I fix CVE-2021-27608?
To fix CVE-2021-27608, ensure that the service paths for SAPSetup version 9.0 are properly quoted during installation.
What are the potential impacts of CVE-2021-27608?
The potential impacts of CVE-2021-27608 include complete compromise of confidentiality, integrity, and availability.
Which software versions are affected by CVE-2021-27608?
CVE-2021-27608 affects SAPSetup version 9.0.
Is there any specific configuration that can mitigate CVE-2021-27608?
Mitigating CVE-2021-27608 involves configuring service paths correctly to avoid unquoted paths.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/event
- agent/description
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- agent/source
- vendor/sap
- canonical/sap setup
- version/sap setup/9.0