Vulnerabilities > CVE-2023-37487 - Unspecified vulnerability in SAP Business ONE 10.0

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

high complexity

sap

NVD

Published: 2023-08-08

Updated: 2024-11-21

Summary

SAP Business One (Service Layer) - version 10.0, allows an authenticated attacker with deep knowledge perform certain operation to access unintended data over the network which could lead to high impact on confidentiality with no impact on integrity and availability of the application

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP Business ONE 10.0	1

References

https://me.sap.com/notes/3333616
https://me.sap.com/notes/3333616
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html