CVE-2021-38150

When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions – 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials. This would allow the attacker to compromise the corresponding backend for which the credentials are valid.

Date published : 2021-09-14

https://launchpad.support.sap.com/#/notes/3060621

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405