Vulnerabilities > CVE-2021-38179 - Unspecified vulnerability in SAP Business ONE 10.0

CVSS 4.9 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

sap

NVD

Published: 2021-10-12

Updated: 2022-07-12

Summary

Debug function of Admin UI of SAP Business One Integration is enabled by default. This allows Admin User to see the captured packet contents which may include User credentials.

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP Business ONE 10.0	1

References

https://launchpad.support.sap.com/#/notes/3074819
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983