CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-42066

SAP Business One - version 10.0, allows an admin user to view DB password in plain text over the network, which should otherwise be encrypted. For an attacker to discover vulnerable function in-depth application knowledge is required, but once exploited the attacker may be able to completely compromise confidentiality, integrity, and availability of the application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.8%

CVSS Severity

CVSS v3 Score 4.4

CVSS v2 Score 3.5

References

https://launchpad.support.sap.com/#/notes/3101299
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=596902035
https://launchpad.support.sap.com/#/notes/3101299
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=596902035

Products affected by CVE-2021-42066

Sap » Business One » Version: 10.0

cpe:2.3:a:sap:business_one:10.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-42066

Products

Pricing

Contact Us