Описание
Under certain conditions SAP Business One (Backup service), versions 9.3, 10.0, allows an attacker with admin permissions to view SYSTEM user password in clear text, leading to Information Disclosure.
Ссылки
- Permissions Required
- Vendor Advisory
- Permissions Required
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sap:business_one:9.3:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_one:10.0:*:*:*:*:*:*:*
EPSS
Процентиль: 9%
0.00034
Низкий
4.4 Medium
CVSS3
4.4 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-522
Связанные уязвимости
github
больше 3 лет назад
Under certain conditions SAP Business One (Backup service), versions 9.3, 10.0, allows an attacker with admin permissions to view SYSTEM user password in clear text, leading to Information Disclosure.
EPSS
Процентиль: 9%
0.00034
Низкий
4.4 Medium
CVSS3
4.4 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-522