Vulnerabilities > CVE-2023-33993 - Unspecified vulnerability in SAP Business ONE 10.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

high complexity

sap

NVD

Published: 2023-08-08

Updated: 2024-11-21

Summary

B1i module of SAP Business One - version 10.0, application allows an authenticated user with deep knowledge to send crafted queries over the network to read or modify the SQL data. On successful exploitation, the attacker can cause high impact on confidentiality, integrity and availability of the application.

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP Business ONE 10.0	1

References

https://me.sap.com/notes/3337797
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
https://me.sap.com/notes/3337797
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html