exploitDog

CVE-2021-38179

Опубликовано: 12 окт. 2021

Источник: nvd

CVSS3: 4.9

CVSS2: 4

EPSS Низкий

Описание

Debug function of Admin UI of SAP Business One Integration is enabled by default. This allows Admin User to see the captured packet contents which may include User credentials.

Ссылки

https://launchpad.support.sap.com/#/notes/3074819
Permissions Required
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983
Vendor Advisory
https://launchpad.support.sap.com/#/notes/3074819
Permissions Required
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sap:business_one:10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 56%

0.00335

Низкий

4.9 Medium

CVSS3

4 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-mm38-6jpm-jfc4

CVSS3: 4.9

github

больше 3 лет назад

Debug function of Admin UI of SAP Business One Integration is enabled by default. This allows Admin User to see the captured packet contents which may include User credentials.

EPSS

Процентиль: 56%

0.00335

Низкий

4.9 Medium

CVSS3

4 Medium

CVSS2

Дефекты

NVD-CWE-Other