Vulnerabilities > CVE-2022-28771 - Unspecified vulnerability in SAP Business ONE License Service API 10.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
Due to missing authentication check, SAP Business one License service API - version 10.0 allows an unauthenticated attacker to send malicious http requests over the network. On successful exploitation, an attacker can break the whole application making it inaccessible.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |